{"id":181,"date":"2016-04-08T15:58:17","date_gmt":"2016-04-08T13:58:17","guid":{"rendered":"http:\/\/www.bilisimonline.net\/?p=181"},"modified":"2017-04-17T16:21:26","modified_gmt":"2017-04-17T13:21:26","slug":"saldiri-evreleri-ve-kali-araclari","status":"publish","type":"post","link":"http:\/\/www.bilisimonline.net\/index.php\/2016\/04\/08\/saldiri-evreleri-ve-kali-araclari\/","title":{"rendered":"Sald\u0131r\u0131 Evreleri Ve Kali Ara\u00e7lar\u0131"},"content":{"rendered":"

 <\/p>\n

Bu yaz\u0131m\u0131zda siber sald\u0131r\u0131 evrelerinde kullan\u0131lan pop\u00fcler Kali ara\u00e7lar\u0131n\u0131n her evre i\u00e7in ayr\u0131 ayr\u0131 isimlerini, beyaz \u015fapkal\u0131 hacker (ethical hacker) ‘\u0131n bilmesi gerekenleri, temel sald\u0131r\u0131 bilgisini anlatmaya \u00e7al\u0131\u015ft\u0131k. Bu yaz\u0131 ayn\u0131 zamanda kali linux kullan\u0131m\u0131 konusunda sizlere rehberlik edecektir. Siber sald\u0131r\u0131 evreleri ile yaz\u0131m\u0131za ba\u015flayal\u0131m.<\/span><\/span><\/p>\n

Sald\u0131r\u0131 Senaryosu\/Evreleri<\/span><\/span><\/p>\n

    \n
  1. Veri Toplama (13)<\/span><\/span><\/li>\n
  2. Sald\u0131r\u0131 Haz\u0131rl\u0131k (9)<\/span><\/span><\/li>\n
  3. Sald\u0131r\u0131 (16)<\/span><\/span><\/li>\n
  4. Kablosuz A\u011flara Sald\u0131r\u0131 (13)<\/span><\/span><\/li>\n<\/ol>\n

    Yukar\u0131da bahsedilen senaryonun t\u00fcm evrelerinde Kali’nin ara\u00e7lar\u0131ndan faydalanabiliriz. \u0130stisnai uygulamalar olmakla birlikte, uygulamal\u0131 bayrak yakalama (CTF-Capture The Flag) yar\u0131\u015fmalar\u0131nda fiziksel makine \u00fczerine kurulu kali i\u015fletim sistemi ve bizim sald\u0131rmam\u0131z\u0131 bekleyen sanal makinelerle kar\u015f\u0131la\u015f\u0131r\u0131z. <\/span><\/span><\/p>\n

    Kullan\u0131lan ara\u00e7lar\u0131n anlat\u0131m\u0131na ba\u015flamadan \u00f6nce beyaz \u015fapkal\u0131 hackerl\u0131\u011fa (ethical hacker) ad\u0131m atan arkada\u015flar i\u00e7in \u00f6\u011frenilmesi gereken temel bilgileri s\u0131ralamak istiyorum.<\/span><\/span><\/p>\n

      \n
    • Temel network bilgisi\u00a0<\/span><\/span><\/li>\n
    • Temel\u00a0linux i\u015fletim sistemi bilgisi<\/span><\/span><\/li>\n
    • Temel\u00a0windows i\u015fletim sistemi bilgisi<\/span><\/span><\/li>\n
    • Bir par\u00e7a yaz\u0131l\u0131m bilgisi (yaz\u0131l\u0131m mant\u0131\u011f\u0131)<\/span><\/span><\/li>\n
    • Temel bili\u015fim ingilizcesi<\/span><\/span><\/li>\n<\/ul>\n
        \n
      1. \n

        Veri Toplama A\u015famas\u0131<\/span><\/span><\/p>\n<\/li>\n<\/ol>\n

        Bize hedef sistemle ilgili bilgiler verebilecek y\u00f6ntemleri bilmemiz ve nereye sald\u0131raca\u011f\u0131m\u0131z\u0131 tespit etmemiz gerekir. A\u015fa\u011f\u0131daki y\u00f6ntemlerin yan\u0131nda, hedef hakk\u0131nda bilgi alabilece\u011fimiz t\u00fcm sosyal m\u00fchendislik \u00e7al\u0131\u015fmalar\u0131 i\u015fe yarayacakt\u0131r. <\/span><\/span><\/p>\n

         <\/p>\n

        whois lookup (domain sorgulama)<\/span><\/span><\/p>\n

        IP ve IP veritabanlar\u0131<\/span><\/span><\/p>\n

        DNS (Domian Name Server) ve DNS Sorgulama<\/span><\/span><\/p>\n

        Arama motorlar\u0131<\/span><\/span><\/p>\n

         <\/p>\n

        Kali Ara\u00e7lar\u0131:<\/b> Dmitry, Dnsmap, Maltego, Dnswalk, Goofile, searchsploit, dirb, crawler, WebSlayer, shodan, Fierce, Dnsdict6, Dnsrecon.<\/span><\/span><\/p>\n

          \n
        1. Sald\u0131r\u0131 Haz\u0131rl\u0131k A\u015famas\u0131<\/span><\/span><\/li>\n<\/ol>\n

          Elde etti\u011fimiz bilgilerle hedef sistemin a\u00e7\u0131kl\u0131klar\u0131n\u0131 (vulnerability) bulmak ve bunlar\u0131 istismar (exploit) etmek i\u00e7in detayl\u0131 bilgiler elde etmemiz gerekiyor. Nmap, bu i\u015f i\u00e7in en s\u0131k kullan\u0131lan ve hakim olundu\u011funda \u00e7ok ba\u015far\u0131l\u0131 bir program.<\/span><\/span><\/p>\n

          Kali Ara\u00e7lar\u0131:<\/b>nmap, zenmap, maltego, wireshark, dmitry, urlcrazy, netdiscovery, ettercap, Armitage.<\/span><\/span><\/p>\n

          \u0130\u015fletim Sistemi Tespiti<\/b><\/span><\/span><\/p>\n

          Bu i\u015f i\u00e7in nmap program\u0131n\u0131n -O parametresi mevcut ancak kesin bilgi i\u00e7in Birka\u00e7 y\u00f6ntem birle\u015ftirilmeli diye d\u00fc\u015f\u00fcn\u00fcyorum. <\/span><\/span><\/p>\n

          \"nmap_ornek1\"<\/p>\n

          Yukar\u0131da g\u00f6r\u00fcld\u00fc\u011f\u00fc gibi taranan bilgisayar\u0131n %96 virtualbox \u00fczerinde sanal i\u015fletim sistemi olabilece\u011fi yaz\u0131yor. (Do\u011fru s\u00f6yl\u00fcyor, ama eksik.) Nmap ile OS analizine birka\u00e7 \u00f6rnek daha verelim:<\/span><\/span><\/p>\n

          nmap -sS -O 192.168.10.10 (\u0130\u015fletim Sistemi Analizi)<\/span><\/span><\/pre>\n
          ya da<\/span><\/span><\/p>\n
          nmap -sS -A 192.168.10.10 (\u0130\u015fletim Sistemi Analizi ve Versiyon Ke\u015ffi)<\/span><\/span><\/pre>\n
          \"ping_ornek1\"<\/p>\n
          Host’a ping att\u0131\u011f\u0131m\u0131zda d\u00f6nen ttl de\u011feri 63 ise bu bir linux makinedir. <\/span><\/span><\/p>\n
          \"ping_ornek2\"<\/p>\n
          \u015eayet ttl de\u011feri 127 d\u00f6nseydi bu bir windows makine diyecektik.<\/span><\/span><\/p>\n
            \n
          1. Sald\u0131r\u0131 A\u015famas\u0131\u00a0<\/span><\/span>Hedefin tespiti ve a\u00e7\u0131kl\u0131klar\u0131n\u0131n bulunmas\u0131ndan sonra sald\u0131r\u0131 ba\u015flayabilir, ama nereden sald\u0131raca\u011f\u0131z? Cevap: En kolay, en bilindikten ba\u015flayarak hedefi ele ge\u00e7irene kadar, her a\u00e7\u0131kl\u0131\u011f\u0131 de\u011ferlendirece\u011fiz. Sald\u0131r\u0131 i\u00e7in kullanaca\u011f\u0131m\u0131z ara\u00e7lar amac\u0131m\u0131za g\u00f6re de\u011fi\u015fir. \u00d6rne\u011fin, hedefin web kameras\u0131n\u0131 ele ge\u00e7irip stream yapmak istiyoruz, metasploit ile yapabiliriz. Ya da hedefte bir kullan\u0131c\u0131 olu\u015fturup bu kullan\u0131c\u0131y\u0131 y\u00f6netici yaparak sistemi s\u00f6m\u00fcrmek istiyoruz, armitage ile yapabiliriz.
            \n<\/span><\/span>Kali Ara\u00e7lar\u0131:<\/b>metasploit framework, armitage, hydra, john the ripper, sslsplit, sqlmap, burp suite, acunetix, aircrack -ng, findmyhash, ZAP (Zed Attack Proxy), dvwa (Damn Vulnerable Wep App), uniscan, winexe, magictree, davtest. <\/span><\/span><\/li>\n
          2. Kablosuz A\u011flara Sald\u0131r\u0131<\/span><\/span>Kablosuz modemlerde wi-fi a\u011f\u0131n\u0131z\u0131n g\u00fcvenli\u011fini sa\u011flamak i\u00e7in WEP(Wired Equivalent Privacy)\/WPA(Wi-Fi Protected Access)\/WPA2(Wi-Fi Protected Access II) \u015fifreleme standartlar\u0131 kullan\u0131l\u0131yor. <\/span><\/span>WEP, G\u00fcvenli olmad\u0131\u011f\u0131 kan\u0131tland\u0131ktan sonra 2004 y\u0131l\u0131nda resmi olarak emekli edildi.<\/span><\/span>WPA, \u201cMessage \u0130ntegrity Checks\u201d \u00f6zelli\u011fine sahip. Bu \u00f6zellikle paketlein ele ge\u00e7rilip ge\u00e7irilmedi\u011fini, \u00fczerinde oynand\u0131\u011f\u0131n\u0131 anlayabiliyor. WPA-PSK (Pre-Shared Key) en \u00e7ok kullan\u0131lan konfigrasyonu. TKIP (Temporal Key \u0130ntegrity Protocol), paket ba\u015f\u0131na anahtar sistemiyle WEP\u2019te kullan\u0131lan sabit anahtar sisteminden \u00e7ok daha g\u00fcvenli. AES (Advanced Encryption Standar) TKIP\u2019i g\u00f6lgede b\u0131rakm\u0131\u015f durumda.<\/span><\/span>WPA2 (Wi-Fi Protected Access II), WPA\u2019n\u0131n yerini ge\u00e7ti. AES zorunlu kullan\u0131lmaya ba\u015fland\u0131. CCMP (Counter Cipher Mode with Block Chaining Message Authentication Code Protocol) TKIP\u2019in yerini ald\u0131. <\/span><\/span>Bu bilgilerden sonra kablosuz a\u011f \u015fifrelerini k\u0131rmada en kolaydan zora do\u011fru bir s\u0131ralama yaparsak; WEPOpen Network > WPA+TKIP > WPA+TKIP\/AES > WPA+AES > WPA2+AES diyebiliriz.<\/span><\/span>Ancak WPA2 standart\u0131yla \u015fifrelenmi\u015f olsa bile WPS (Wi-Fi Protected Setup) arac\u0131l\u0131\u011f\u0131yla eri\u015filebilen sald\u0131r\u0131 vekt\u00f6r\u00fc bir kap\u0131 a\u00e7\u0131yor. 2-14 saatlik bir \u00e7abayla k\u0131r\u0131lmas\u0131 m\u00fcmk\u00fcn oluyor.<\/span><\/span><\/li>\n<\/ol>\n
            \"wifi_tools\"<\/p>\n
            Kali Ara\u00e7lar\u0131:<\/b>Aircrack-ng, reaver, pixiewps, wifite, kismet, fern wifi cracker, wash, wireshark, crunch, macchanger, oclhashcat, cowpatty, chirp, <\/span><\/span><\/p>\n
            Ara\u00e7lar\u0131n say\u0131s\u0131 artt\u0131r\u0131labilir. Bir sonraki makalede, <\/span><\/span><\/p>\n
              \n
            • sosyal m\u00fchendislik ve oltama y\u00f6ntemleri, <\/span><\/span><\/li>\n
            • sald\u0131r\u0131 sonras\u0131 izleme ve gizlenme, <\/span><\/span><\/li>\n
            • sistemi sahiplenme,<\/span><\/span><\/li>\n
            • sald\u0131r\u0131 sonunda izleri silme <\/span><\/span><\/li>\n<\/ul>\n
              konular\u0131na de\u011finmek ve faydal\u0131 oldu\u011funu d\u00fc\u015f\u00fcnd\u00fc\u011f\u00fcm birka\u00e7 kali arac\u0131n\u0131 detayl\u0131 tan\u0131tmakistiyorum.<\/span><\/span><\/p>\n
              \u00a0Bilgi Notu: Kali Linux Nedir? Ne i\u015fe yarar?\u00a0<\/strong>Kali<\/b>; Linux<\/b> tabanl\u0131, CD’den ba\u015flatma se\u00e7enekli BackTrack yap\u0131mc\u0131lar\u0131 taraf\u0131ndan 2013 y\u0131l\u0131nda olu\u015fturulmu\u015f olan bir g\u00fcvenlik kontrol i\u015fletim sistemi. Offensive Security Ltd. arac\u0131l\u0131\u011f\u0131yla Mati Aharoni, Devon Kearns ve Rapha\u00ebl Hertzog taraf\u0131ndan geli\u015ftirilmekte ve finanse edilmektedir. Beyaz \u015fapkal\u0131 hacker (ethical hacker) e\u011fitimleri i\u00e7in bir\u00e7ok ara\u00e7 \u00fczerinde kurulu olarak bulunmaktad\u0131r.\u00a0Beyaz \u015fapkal\u0131 hacker (ethical hacker) kullanabildi\u011fi gibi tam tersi k\u00f6t\u00fc niyetli Hackerlar elinde siber bir sald\u0131r\u0131 arac\u0131na d\u00f6n\u00fc\u015febilir.\u00a0<\/span><\/span><\/p>\n
               <\/p>\n","protected":false},"excerpt":{"rendered":"
                Bu yaz\u0131m\u0131zda siber sald\u0131r\u0131 evrelerinde kullan\u0131lan pop\u00fcler Kali ara\u00e7lar\u0131n\u0131n her evre i\u00e7in ayr\u0131 ayr\u0131 isimlerini, beyaz \u015fapkal\u0131 hacker (ethical hacker) ‘\u0131n bilmesi gerekenleri, temel sald\u0131r\u0131 bilgisini anlatmaya \u00e7al\u0131\u015ft\u0131k. Bu yaz\u0131 ayn\u0131 zamanda kali linux kullan\u0131m\u0131 konusunda sizlere rehberlik edecektir. Siber sald\u0131r\u0131 evreleri ile yaz\u0131m\u0131za ba\u015flayal\u0131m. Sald\u0131r\u0131 Senaryosu\/Evreleri Veri Toplama (13) Sald\u0131r\u0131 Haz\u0131rl\u0131k (9) Sald\u0131r\u0131 …<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[67,74,82,78,19,80,81],"tags":[182,183,175,181,201,200,163,197,203,190,162,156,167,157,168,159,186,174,195,166,184,160,177,178,382,383,384,194,198,189,158,176,173,169,199,192,191,202,161,165,180,179,187,172,196,164,193,188,171,185,170],"class_list":["post-181","post","type-post","status-publish","format-standard","hentry","category-acik-kaynak","category-ag-guvenlik","category-isletim-sistemleri-guvenlik","category-saldiri-tespit-sistemleri","category-siber-guvenlik","category-web-guvenlik","category-yazilim-guvenlik","tag-acunetix","tag-aircrack-ng","tag-armitage","tag-burp-suite","tag-chirp","tag-cowpatty","tag-crawler","tag-crunch","tag-ctf","tag-davtest","tag-dirb","tag-dmitry","tag-dnsdict6","tag-dnsmap","tag-dnsrecon","tag-dnswalk","tag-dvwa-damn-vulnerable-wep-app","tag-ettercap","tag-fern-wifi-cracker","tag-fierce","tag-findmyhash","tag-goofile","tag-hydra","tag-john-the-ripper","tag-kali-linux-kullanimi","tag-kali-linux-kurulumu","tag-kali-linux-nedir-ne-ise-yarar","tag-kismet","tag-macchanger","tag-magictree","tag-maltego","tag-metasploit-framework","tag-netdiscovery","tag-nmap","tag-oclhashcat","tag-pixiewps","tag-reaver","tag-saldiri-senaryosu","tag-searchsploit","tag-shodan","tag-sqlmap","tag-sslsplit","tag-uniscan","tag-urlcrazy","tag-wash","tag-webslayer","tag-wifite","tag-winexe","tag-wireshark","tag-zap-zed-attack-proxy","tag-zenmap"],"jetpack_publicize_connections":[],"aioseo_notices":[],"views":6227,"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7k56R-2V","jetpack-related-posts":[],"_links":{"self":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts\/181"}],"collection":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/comments?post=181"}],"version-history":[{"count":10,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts\/181\/revisions"}],"predecessor-version":[{"id":861,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts\/181\/revisions\/861"}],"wp:attachment":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/media?parent=181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/categories?post=181"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/tags?post=181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}