{"id":1258,"date":"2025-01-04T07:14:16","date_gmt":"2025-01-04T07:14:16","guid":{"rendered":"https:\/\/hackmybox.com\/?p=1258"},"modified":"2025-09-08T16:27:46","modified_gmt":"2025-09-08T16:27:46","slug":"enumerating-retrieving-password-policies","status":"publish","type":"post","link":"https:\/\/hackmybox.com\/index.php\/2025\/01\/04\/enumerating-retrieving-password-policies\/","title":{"rendered":"Enumerating , Retrieving Password Policies &amp; Password Spraying"},"content":{"rendered":"<div class=\"vce-row-container\" data-vce-boxed-width=\"true\"><div class=\"vce-row vce-row--col-gap-30 vce-row-equal-height vce-row-content--top\" id=\"el-a1f909f2\" data-vce-do-apply=\"all el-a1f909f2\"><div class=\"vce-row-content\" data-vce-element-content=\"true\"><div class=\"vce-col vce-col--md-auto vce-col--xs-1 vce-col--xs-last vce-col--xs-first vce-col--sm-last vce-col--sm-first vce-col--md-last vce-col--lg-last vce-col--xl-last vce-col--md-first vce-col--lg-first vce-col--xl-first\" id=\"el-0dcd3d45\"><div class=\"vce-col-inner\" data-vce-do-apply=\"border margin background  el-0dcd3d45\"><div class=\"vce-col-content\" data-vce-element-content=\"true\" data-vce-do-apply=\"padding el-0dcd3d45\"><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-14364307\" data-vce-do-apply=\"all el-14364307\"><p style=\"text-align: center;\"><span style=\"color: #00ff00;\">(Insights from HTB Academy)<\/span><\/p><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-09756cef\" data-vce-do-apply=\"all el-09756cef\"><p><span style=\"color: #00ff00;\">Objective :<\/span> The section you provided outlines several techniques for enumerating and retrieving password policies in Active Directory (AD) environments, using both credentialed and non-credentialed methods. Here's a summary of the key approaches mentioned:<\/p><p><span style=\"color: #00ff00;\">enum4linux<\/span> : Linux tool that helps gather information from Windows systems using SMB (Server Message Block) protocol.<\/p><p>Here's a breakdown of the command:<\/p><p><span style=\"color: #00ff00;\">enum4linux -P 172.16.5.5<\/span><\/p><p><span style=\"color: #00ff00;\">-P<\/span> : The option for enumerating password policy details from the target machine.<br><span style=\"color: #00ff00;\">172.16.5.5<\/span>: The target machine's IP address.<\/p><p>When you run the command, it attempts to gather information about the password policy of the Windows system such as:<\/p><ul><li>Minimum password length<\/li><li>Maximum password age<\/li><li>Password complexity requirements<\/li><li>Lockout settings<\/li><\/ul><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-1408ecd3\" data-vce-do-apply=\"all el-1408ecd3\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 1024px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 67.6758%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"1024\" height=\"693\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-56-46-e1735888395644-1024x693.png 1024w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-56-46-e1735888395644-320x217.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-56-46-e1735888395644-480x325.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-56-46-e1735888395644-800x541.png 800w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-56-46-e1735888395644-1024x693.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-56-46-e1735888395644.png\" data-attachment-id=\"1261\"  alt=\"\" title=\"enum1\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-c71e089c\" data-vce-do-apply=\"all el-c71e089c\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 1024px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 65.7227%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"1024\" height=\"673\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-57-15-e1735888455982-1024x673.png 1024w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-57-15-e1735888455982-320x210.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-57-15-e1735888455982-480x316.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-57-15-e1735888455982-800x526.png 800w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-57-15-e1735888455982-1024x673.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-10-57-15-e1735888455982.png\" data-attachment-id=\"1262\"  alt=\"\" title=\"enum2\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-bb79f689\" data-vce-do-apply=\"all el-bb79f689\"><p>The <span style=\"color: #00ff00;\">enum4linux -U<\/span> command is used to enumerate user accounts from a target Windows system via the SMB protocol.<\/p><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-39d522f4\" data-vce-do-apply=\"all el-39d522f4\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 1024px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 59.4727%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"1024\" height=\"609\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-29-14-e1735889410479-1024x610.png 1024w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-29-14-e1735889410479-320x191.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-29-14-e1735889410479-480x286.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-29-14-e1735889410479-800x476.png 800w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-29-14-e1735889410479-1024x610.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-29-14-e1735889410479.png\" data-attachment-id=\"1264\"  alt=\"\" title=\"enum3\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-644d7503\" data-vce-do-apply=\"all el-644d7503\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 1024px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 59.2773%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"1024\" height=\"607\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-32-17-e1735889592178-1024x608.png 1024w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-32-17-e1735889592178-320x190.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-32-17-e1735889592178-480x285.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-32-17-e1735889592178-800x475.png 800w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-32-17-e1735889592178-1024x608.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-03-11-32-17-e1735889592178.png\" data-attachment-id=\"1266\"  alt=\"\" title=\"enum4\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-8ea3b6be\" data-vce-do-apply=\"all el-8ea3b6be\"><p><span style=\"color: #00ff00;\">kerbrute:<\/span> This is a tool designed for Kerberos brute-forcing and user enumeration. It leverages the Kerberos protocol to find valid usernames in a domain by checking if a specific user exists.<\/p><p><span style=\"color: #00ff00;\">kerbrute userenum -d inlanefreight.local --dc 176.16.5.5 \/opt\/jsmith.txt<\/span><\/p><p><span style=\"color: #00ff00;\">userenum:<\/span> This flag tells kerbrute to perform user enumeration. It checks if the usernames provided are valid on the specified Active Directory domain.<\/p><p><span style=\"color: #00ff00;\">-d inlanefreight.local:<\/span> The -d flag specifies the domain you are targeting, which in this case is inlanefreight.local. This is the domain where the user enumeration is being performed.<\/p><p><span style=\"color: #00ff00;\">--dc 176.16.5.5:<\/span> The --dc flag specifies the domain controller (DC) to be used for authentication. The domain controller is the server responsible for authenticating users and managing the domain, and its IP address is 176.16.5.5 in this case.<\/p><p><span style=\"color: #00ff00;\">\/opt\/jsmith.txt:<\/span> This is the path to a file that contains a list of usernames you want to check for existence in the domain inlanefreight.local. Each username in the file will be checked against the domain controller to determine whether it is valid.<\/p><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-23116a98\" data-vce-do-apply=\"all el-23116a98\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 936px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 90.7051%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"936\" height=\"849\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-48-38-320x290.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-48-38-480x435.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-48-38-800x726.png 800w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/09\/Screenshot-from-2025-01-04-10-48-38-936x849.png 936w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/09\/Screenshot-from-2025-01-04-10-48-38-936x849.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-48-38.png\" data-attachment-id=\"1280\"  alt=\"\" title=\"Kerb4\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-9a776618\" data-vce-do-apply=\"all el-9a776618\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 936px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 90.7051%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"936\" height=\"849\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-50-03-320x290.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-50-03-480x435.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-50-03-800x726.png 800w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/09\/Screenshot-from-2025-01-04-10-50-03-936x849.png 936w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/09\/Screenshot-from-2025-01-04-10-50-03-936x849.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/Screenshot-from-2025-01-04-10-50-03.png\" data-attachment-id=\"1281\"  alt=\"\" title=\"kerb5\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-raw-html\"><div class=\"vce-raw-html-wrapper\" id=\"el-ec786a97\" data-vce-do-apply=\"all el-ec786a97\"><script async=\"\" src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1499161372675368\" crossorigin=\"anonymous\"><\/script>\n<ins class=\"adsbygoogle\" style=\"display:block\" data-ad-format=\"fluid\" data-ad-layout-key=\"-c2+73+2h-1m-4u\" data-ad-client=\"ca-pub-1499161372675368\" data-ad-slot=\"8728040126\"><\/ins>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div><\/div><div class=\"vce-raw-html\"><div class=\"vce-raw-html-wrapper\" id=\"el-11a0e3c2\" data-vce-do-apply=\"all el-11a0e3c2\"><p><strong>HyperText Markup Language (HTML)<\/strong> is the standard markup language for creating web pages and web applications.<\/p><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-6c3aa6ac\" data-vce-do-apply=\"all el-6c3aa6ac\"><p>We can conclude this lab using a password spray with Kerbrute.<\/p><ol><li>First, create a text file containing the gathered usernames. We can also use Enum4linux.<\/li><\/ol><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-ef2e1a2e\" data-vce-do-apply=\"all el-ef2e1a2e\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 1024px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 58.3008%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"1024\" height=\"597\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/enum4linux3-1024x597.png 1024w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/enum4linux3-320x187.png 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/enum4linux3-480x280.png 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/enum4linux3-800x467.png 800w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/enum4linux3-1024x597.png\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/enum4linux3.png\" data-attachment-id=\"1289\"  alt=\"\" title=\"enum4linux3\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-e7597607\" data-vce-do-apply=\"all el-e7597607\"><p><span style=\"color: #00ff00;\">2.&nbsp;<\/span> Finally, perform a password spray against the user text file we created.<\/p><\/div><\/div><div class=\"vce-single-image-container vce-single-image--align-left\"><div class=\"vce vce-single-image-wrapper\" id=\"el-de360636\" data-vce-do-apply=\"all el-de360636\"><figure><div class=\"vce-single-image-figure-inner\" style=\"width: 955px;\"><div class=\"vce-single-image-inner vce-single-image--absolute\" style=\"width: 100%; padding-bottom: 47.0157%;\"><img loading=\"lazy\" decoding=\"async\" class=\"vce-single-image\"  width=\"955\" height=\"449\" srcset=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/kerbrute2-320x150.jpg 320w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/kerbrute2-480x226.jpg 480w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/kerbrute2-800x376.jpg 800w, https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/09\/kerbrute2-955x449.jpg 955w\" src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/09\/kerbrute2-955x449.jpg\" data-img-src=\"https:\/\/hackmybox.com\/wp-content\/uploads\/2025\/01\/kerbrute2.jpg\" data-attachment-id=\"1302\"  alt=\"\" title=\"kerbrute2\" \/><\/div><\/div><figcaption hidden=\"\"><\/figcaption><\/figure><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-df89e5a6\" data-vce-do-apply=\"all el-df89e5a6\"><p>Explanation:<\/p><p><br><span style=\"color: #00ff00;\">-d<\/span> inlanefreight.local specifies the domain you're targeting.<br><span style=\"color: #00ff00;\">--dc 172.16.5.5<\/span> specifies the IP address of the domain controller.<br><span style=\"color: #00ff00;\">users.txt<\/span> is the file containing the usernames.<br><span style=\"color: #00ff00;\">Welcome1<\/span> is the password to attempt.<\/p><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-733dade8\" data-vce-do-apply=\"all el-733dade8\"><p><span style=\"color: #00ff00;\">Final Thought:<\/span><\/p><p>This method highlights the critical importance of having strong password policies in place. A complex and unique password is essential to defending against password spraying attacks. Simple, commonly used passwords can easily be guessed and exploited by attackers. Additionally, consider implementing multi-factor authentication (MFA) as an extra layer of protection to further reduce the risk of unauthorized access.<\/p><\/div><\/div><div class=\"vce vce-separator-container vce-separator--align-center vce-separator--style-solid\" id=\"el-6a85362a\" data-vce-do-apply=\"margin el-6a85362a\"><div class=\"vce-separator vce-separator--color-bfc0c1 vce-separator--width-60 vce-separator--thickness-1\" data-vce-do-apply=\"border padding background  el-6a85362a\"><\/div><\/div><div class=\"vce-text-block\"><div class=\"vce-text-block-wrapper vce\" id=\"el-86cbae6f\" data-vce-do-apply=\"all el-86cbae6f\"><p style=\"text-align: center;\">Want to learn more and gain hands-on experience? Sign up with HTB Academy by clicking the link below<\/p><\/div><\/div><div class=\"vce-button--style-basic-container vce-button--style-basic-container--align-center\"><span class=\"vce-button--style-basic-wrapper vce\" id=\"el-4f9dd99f\" data-vce-do-apply=\"margin el-4f9dd99f\"><button class=\"vce-button vce-button--style-basic vce-button--style-basic--border-rounded vce-button--style-basic--size-medium vce-button--style-basic--color-b-138-198-10--fff\" data-vce-do-apply=\"padding border background  el-4f9dd99f\">JOIN NOW<\/button><\/span><\/div><\/div><\/div><\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>(Insights from HTB Academy)Objective : The section you provided outlines several techniques for enumerating and retrieving password policies in Active Directory (AD) environments, using both credentialed and non-credentialed methods. Here&#8217;s a summary of the key approaches mentioned:enum4linux : Linux tool that helps gather information from Windows systems using SMB (Server Message Block) protocol.Here&#8217;s a breakdown [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2021,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","site-transparent-header":"default","prose-style":"enable","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[18],"tags":[],"class_list":["post-1258","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-active-directory"],"_links":{"self":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts\/1258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/comments?post=1258"}],"version-history":[{"count":31,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts\/1258\/revisions"}],"predecessor-version":[{"id":2067,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/posts\/1258\/revisions\/2067"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/media\/2021"}],"wp:attachment":[{"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/media?parent=1258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/categories?post=1258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackmybox.com\/index.php\/wp-json\/wp\/v2\/tags?post=1258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}