{"id":479464,"date":"2023-08-09T10:40:25","date_gmt":"2023-08-09T10:40:25","guid":{"rendered":""},"modified":"2023-09-05T11:18:54","modified_gmt":"2023-09-05T11:18:54","slug":"url-redirection-attack","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/url-redirection-attack\/","title":{"rendered":"URL Redirection Attack"},"content":{"rendered":"<p>A URL redirection attack is a type of cybersecurity threat that manipulates URL redirection to send users to malicious or fraudulent websites. These attacks exploit vulnerabilities in web applications or misconfigured web servers to redirect users to unauthorized websites, often with malicious intent. 
The goal of such attacks is usually to steal sensitive information, distribute malware, or carry out phishing campaigns.<\/p>\n<h2>The history of the origin of the URL redirection attack and its first mention<\/h2>\n<p>The concept of URL redirection attacks can be traced back to the early days of the Internet, when websites began to include URL redirection features for various purposes, such as link tracking and handling page redirects. However, malicious exploitation of these redirection mechanisms appeared later, as attackers found new ways to manipulate them for illicit purposes.<\/p>\n<p>The first notable mentions of URL redirection attacks date back to the early 2000s. During this time, attackers began exploiting vulnerabilities in websites and applications that allowed user-controlled input in URL parameters, leading to unauthorized redirects. 
As web technologies advanced, the sophistication of these attacks also increased, making them a significant concern for web administrators and security professionals.<\/p>\n<h2>Detailed information about the URL redirection attack<\/h2>\n<p>A URL redirection attack works by exploiting weaknesses in the target website's code or configuration to redirect users to unintended destinations. The attack typically occurs when a website uses user-supplied data to build a URL that is then used for a redirect without proper validation or sanitization. This vulnerability allows attackers to manipulate URL parameters and lead users to malicious domains.<\/p>\n<p>Attackers often disguise malicious URLs to appear legitimate, increasing the chances of a successful redirect and luring victims. 
They may use social engineering techniques, enticing users to click on seemingly harmless links that actually lead to harmful destination pages.<\/p>\n<h2>The internal structure of the URL redirection attack: how the URL redirection attack works<\/h2>\n<p>URL redirection attacks exploit the basic mechanisms of URL redirection, such as HTTP 3xx status codes, which indicate that the requested resource has moved to a new location. 
Common HTTP status codes used in these attacks include:<\/p>\n<ul>\n<li>301 Moved Permanently: Indicates a permanent redirect to a new URL.<\/li>\n<li>302 Found (or Moved Temporarily): Indicates a temporary redirect to a new URL.<\/li>\n<li>307 Temporary Redirect: Similar to 302, indicating a temporary redirect.<\/li>\n<\/ul>\n<p>The attack process involves the following steps:<\/p>\n<ol>\n<li>\n<p><strong>Identifying vulnerable targets<\/strong>: Attackers look for websites or web applications that use user-supplied data to build redirect URLs.<\/p>\n<\/li>\n<li>\n<p><strong>Crafting malicious URLs<\/strong>: Attackers carefully construct malicious URLs with harmful destinations, often disguised as legitimate or trustworthy websites.<\/p>\n<\/li>\n<li>\n<p><strong>Luring users<\/strong>: Using social engineering tactics, attackers trick users into clicking on the crafted URLs, leading them to malicious domains.<\/p>\n<\/li>\n<li>\n<p><strong>Redirecting users<\/strong>: When users click on the manipulated link, they are automatically redirected to the attacker-controlled website.<\/p>\n<\/li>\n<li>\n<p><strong>Carrying out the malicious intent<\/strong>: Once users are redirected, attackers can perform various malicious activities, such as stealing login credentials, distributing malware, or launching phishing campaigns.<\/p>\n<\/li>\n<\/ol>\n<h2>Analysis of the key features of the URL redirection attack<\/h2>\n<p>URL redirection attacks have several key features that make them dangerous and difficult to detect. 
Some of these features include:<\/p>\n<ul>\n<li>\n<p><strong>Stealthy<\/strong>: These attacks are often stealthy because attackers disguise malicious URLs to look genuine, making it hard for users to identify the threat.<\/p>\n<\/li>\n<li>\n<p><strong>Social engineering<\/strong>: URL redirection attacks rely heavily on social engineering techniques to lure users into clicking on manipulated links.<\/p>\n<\/li>\n<li>\n<p><strong>Versatility<\/strong>: Attackers can use many different delivery methods, such as email, instant messaging, or compromised websites, to spread malicious links.<\/p>\n<\/li>\n<li>\n<p><strong>Widespread impact<\/strong>: Because web applications frequently use URL redirection, these attacks have the potential to affect a large number of users.<\/p>\n<\/li>\n<\/ul>\n<h2>Types of URL redirection attacks<\/h2>\n<p>URL redirection attacks can be classified based on their objectives and the techniques used. 
Below are some common types:<\/p>\n<table>\n<thead>\n<tr>\n<th>Type<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Phishing attacks<\/td>\n<td>Redirect users to fraudulent websites that mimic legitimate ones in order to steal sensitive information.<\/td>\n<\/tr>\n<tr>\n<td>Malware distribution<\/td>\n<td>Lead users to websites that distribute malware, which can infect the user's device on visit.<\/td>\n<\/tr>\n<tr>\n<td>Clickjacking<\/td>\n<td>Hides malicious content beneath seemingly harmless buttons or links to trick users into clicking on them.<\/td>\n<\/tr>\n<tr>\n<td>Open redirection<\/td>\n<td>Exploits open redirect vulnerabilities in web applications to redirect users to arbitrary URLs.<\/td>\n<\/tr>\n<tr>\n<td>Covert redirection<\/td>\n<td>Carries out attacks that manipulate URLs in JavaScript code to redirect users unexpectedly.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Ways to use the URL redirection attack, problems, and their solutions related to the use<\/h2>\n<h3>Ways to use the URL redirection attack<\/h3>\n<p>URL redirection attacks can be used in a variety of malicious activities, including:<\/p>\n<ol>\n<li>\n<p><strong>Phishing campaigns<\/strong>: Attackers redirect users to fake login pages or websites to steal their credentials.<\/p>\n<\/li>\n<li>\n<p><strong>Malware distribution<\/strong>: Malicious URLs redirect users to websites hosting malware, leading to device infection.<\/p>\n<\/li>\n<li>\n<p><strong>SEO spamming<\/strong>: Attackers use URL redirects to manipulate search engine results and promote spam websites.<\/p>\n<\/li>\n<li>\n<p><strong>Identity spoofing<\/strong>: By redirecting users to impersonating websites, attackers can deceive victims into trusting malicious sources.<\/p>\n<\/li>\n<\/ol>\n<h3>Problems and their solutions related to the use<\/h3>\n<p>URL redirection attacks pose significant challenges for web administrators and security professionals. 
Some common problems and their solutions include:<\/p>\n<ol>\n<li>\n<p><strong>Insufficient input validation<\/strong>: Many attacks result from poor input validation in web applications. Implementing strict input validation can mitigate such risks.<\/p>\n<\/li>\n<li>\n<p><strong>User education<\/strong>: Training users to recognize and avoid suspicious links can reduce the success rate of social engineering attempts.<\/p>\n<\/li>\n<li>\n<p><strong>URL whitelisting<\/strong>: Websites can use URL whitelisting to ensure that redirects only occur to approved domains.<\/p>\n<\/li>\n<li>\n<p><strong>Security audits<\/strong>: Regular security audits and vulnerability assessments can help identify and fix potential redirection vulnerabilities.<\/p>\n<\/li>\n<\/ol>\n<h2>Main characteristics and other comparisons with similar terms<\/h2>\n<p>Below are some comparisons with similar terms related to the URL redirection attack:<\/p>\n<table>\n<thead>\n<tr>\n<th>Term<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>URL forwarding<\/td>\n<td>A legitimate technique used to redirect users to new URLs permanently or temporarily.<\/td>\n<\/tr>\n<tr>\n<td>Phishing<\/td>\n<td>A broader category of attacks aimed at tricking users into disclosing sensitive information.<\/td>\n<\/tr>\n<tr>\n<td>Clickjacking<\/td>\n<td>A type of attack in which malicious content is hidden beneath clickable elements on a web page.<\/td>\n<\/tr>\n<tr>\n<td>Open redirect vulnerability<\/td>\n<td>A security vulnerability that allows attackers to redirect users to arbitrary URLs in a web application.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Perspectives and future technologies related to the URL redirection attack<\/h2>\n<p>The future of URL redirection attacks involves an ongoing arms race between attackers and defenders. 
As technology advances, attackers will find new ways to exploit web applications and manipulate URLs. Meanwhile, security professionals will continue to develop advanced techniques to detect and prevent such attacks.<\/p>\n<p>Potential technologies for countering URL redirection attacks include:<\/p>\n<ol>\n<li>\n<p><strong>Machine learning<\/strong>: Deploying machine learning algorithms to identify malicious URL patterns and improve detection accuracy.<\/p>\n<\/li>\n<li>\n<p><strong>Behavioral analysis<\/strong>: Using behavioral analysis to detect abnormal redirection behavior and block attacks in real time.<\/p>\n<\/li>\n<li>\n<p><strong>Advanced URL validation<\/strong>: Developing advanced URL validation techniques to reduce the risk of successful redirects.<\/p>\n<\/li>\n<\/ol>\n<h2>How proxy servers can be used or associated with the URL redirection attack<\/h2>\n<p>Proxy servers can play a significant role in URL redirection attacks. 
Attackers can use proxy servers to hide their true identity and location, making it difficult for security measures to trace the origin of the attack. By routing traffic through proxy servers, attackers can conceal their activities, evade detection, and carry out redirection attacks more effectively.<\/p>\n<p>Furthermore, attackers can abuse proxy servers to create redirect chains, in which the initial redirect passes through multiple proxies before reaching the final malicious destination. 
This adds further complexity to tracking and mitigating these attacks.<\/p>\n<h2>Related links<\/h2>\n<p>For more information about URL redirection attacks and web security, consider exploring the following resources:<\/p>\n<ol>\n<li><a href=\"https:\/\/owasp.org\/www-community\/attacks\/URL_Redirection\" target=\"_new\" rel=\"noopener nofollow\">OWASP \u2013 URL Redirection Attack<\/a><\/li>\n<li><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/about\/security-center\/url-redirection-attacks.html\" target=\"_new\" rel=\"noopener nofollow\">Cisco \u2013 Understanding URL Redirection Attacks<\/a><\/li>\n<li><a href=\"https:\/\/www.acunetix.com\/blog\/articles\/open-redirection-attacks\/\" target=\"_new\" rel=\"noopener nofollow\">Acunetix \u2013 Preventing Open Redirection Attacks<\/a><\/li>\n<li><a href=\"https:\/\/www.imperva.com\/learn\/application-security\/url-redirection\/\" target=\"_new\" rel=\"noopener nofollow\">Imperva \u2013 Understanding URL Redirection Vulnerabilities<\/a><\/li>\n<\/ol>\n<p>As the threat landscape continues to evolve, understanding and addressing URL redirection attacks remains crucial to ensuring a safe online environment. 
By staying vigilant, employing strong security measures, and educating users, organizations can defend against these malicious exploits and protect their digital assets and users from harm.<\/p>","protected":false},"featured_media":479465,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-479464","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>URL Redirection Attack: An In-Depth Overview<\/mark>","faq_items":[{"question":"What is a URL Redirection Attack?","answer":"<p>A URL Redirection Attack is a cybersecurity threat where attackers manipulate the redirection of URLs to lead users to malicious or fraudulent websites. These attacks exploit vulnerabilities in web applications or misconfigured servers to deceive users into visiting unauthorized destinations.<\/p>"},{"question":"How did URL Redirection Attacks originate?","answer":"<p>The concept of URL Redirection Attacks emerged as a malicious exploitation of web applications that allowed user-controlled input in URL parameters. The first mentions of such attacks date back to the early 2000s when attackers started redirecting users to unauthorized locations for malicious purposes.<\/p>"},{"question":"How do URL Redirection Attacks work?","answer":"<p>URL Redirection Attacks exploit vulnerabilities in web applications by crafting malicious URLs with harmful destinations. These URLs are disguised as legitimate links, enticing users to click on them. 
When clicked, users are redirected to the attacker-controlled websites, where various malicious activities can be executed.<\/p>"},{"question":"What are the key features of URL Redirection Attacks?","answer":"<p>URL Redirection Attacks are stealthy and rely heavily on social engineering techniques to deceive users. They can be versatile in delivery methods and have the potential to impact a large number of users due to the widespread use of URL redirection in web applications.<\/p>"},{"question":"What are the types of URL Redirection Attacks?","answer":"<p>URL Redirection Attacks can take various forms, including phishing attacks, malware distribution, clickjacking, open redirection, and covert redirection. Each type focuses on different objectives and techniques.<\/p>"},{"question":"How can URL Redirection Attacks be used, and what are the solutions?","answer":"<p>URL Redirection Attacks can be employed for phishing campaigns, malware distribution, SEO spamming, and identity spoofing. To combat these attacks, web administrators can implement strict input validation, educate users, use URL whitelisting, and conduct regular security audits.<\/p>"},{"question":"What does the future of URL Redirection Attacks look like?","answer":"<p>The future of URL Redirection Attacks involves an ongoing race between attackers and defenders. Advanced technologies, such as machine learning and behavioral analysis, will play a crucial role in detecting and preventing these attacks.<\/p>"},{"question":"How are proxy servers associated with URL Redirection Attacks?","answer":"<p>Proxy servers can be used by attackers to hide their identities and locations, making it difficult to trace the origin of the attack. 
Additionally, attackers can exploit proxy servers to create redirection chains, adding complexity to tracking and mitigating these threats.<\/p>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki\/479464","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki\/479464\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/media\/479465"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/media?parent=479464"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}