{"id":491,"date":"2015-08-16T20:59:46","date_gmt":"2015-08-16T17:59:46","guid":{"rendered":"https:\/\/furkansandal.com\/python-simple-phpbug-finder\/"},"modified":"2015-08-16T20:59:46","modified_gmt":"2015-08-16T17:59:46","slug":"python-simple-phpbug-finder","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/python-simple-phpbug-finder\/","title":{"rendered":"Python Simple PhpBug Finder"},"content":{"rendered":"
\nHello friends,<\/p>\n

I know I haven't posted on the blog for a long time, but I have an excuse: I've been very busy with work for a long while. So unfortunately I don't get much of a chance.<\/p>\n

Today, while taking backups, I looked through some old archives. I came across a few small programs I wrote back when I had just started programming \ud83d\ude42
Back in the day I made a simple bug finder for PHP scripts that runs on Linux and uses the power of Linux commands \ud83d\ude42<\/p>\n

Screenshot:<\/p>\n

\n<\/div>\n

\nFor example, if we look at the output above:<\/p>\n

The expression ” pageID= $_GET[‘pid’];<\/b> ” on line 5<\/b> of the file cat.php<\/b> indicates that there is a potential XSS vulnerability.<\/p>\n

You can download the program's code here:\u00a0http:\/\/pastebin.com\/tUs0w2u7<\/b><\/i><\/p>\n

I hope it's useful, have a nice day.\n<\/p>\n<\/div>\n

\nFurkan SANDAL<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Hello friends, I know I haven't posted on the blog for a long time, but I have an excuse: I've been very busy with work for a long while. So unfortunately I don't get much…<\/p>\n","protected":false},"author":1,"featured_media":467,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":""},"categories":[6,1,9,10,7,4],"tags":[78,76,88,89,26,83,81,79,82,77,80,84,85,87,86],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/furkansandal.com\/wp-content\/uploads\/2015\/08\/avatar242556_315-150x150.jpg?fit=150%2C150&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6BM7I-7V","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/491"}],"collection":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/comments?post=491"}],"version-history":[{"count":0,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/491\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media\/467"}],"wp:attachment":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media?parent=491"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/categories?post=491"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/tags?post=491"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}