{"id":509,"date":"2015-08-17T09:18:30","date_gmt":"2015-08-17T06:18:30","guid":{"rendered":"https:\/\/furkansandal.com\/sosyal-muhendislik-saldirilarinda-sahte-mail-kullanimi\/"},"modified":"2015-08-17T09:18:30","modified_gmt":"2015-08-17T06:18:30","slug":"sosyal-muhendislik-saldirilarinda-sahte-mail-kullanimi","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/sosyal-muhendislik-saldirilarinda-sahte-mail-kullanimi\/","title":{"rendered":"Using Fake Mail in Social Engineering Attacks"},"content":{"rendered":"

Hello friends. I will cover Fake (spoofed) Mail, one of the most frequently used methods in social engineering attacks, and what measures can be taken against it. I want to present the topic as a scenario for carrying out a targeted attack with fake mail in social engineering, together with an alternative to that scenario.
Scenario
Goal: Collect the e-mail addresses belonging to the target company/institution, run a weak-password attack against those addresses to take over one e-mail account, and then use the compromised account to send a malicious file (trojan) to the other e-mail addresses identified for the target company, conquering the company from the inside.
NOTE: If the company uses Microsoft Exchange, for the weak-password attack against OWA I recommend Eyüp Çelik’s hOWAttacker tool or Metasploit’s owa_login auxiliary (scanner) module.

Alternative Scenario
If the weak-password attack against the e-mail addresses identified for the target company yields no result, using Fake (spoofed) Mail comes into play. We will use this alternative scenario here.

First, we can collect the e-mail addresses belonging to the target company using the theHarvester or Maltego tools.

theHarvester example (screenshot)

Maltego example (screenshot)

Since we are going to use the alternative scenario, what we need right now is a fake mail service. I have prepared 4 fake mail services, which you can download from here >>> Download

I will use the first of the files you download (screenshot of the form below).

To explain the fields shown in the image above:
From Name: The sender’s first and last name. (Enter the name of the person the e-mail is supposed to come from.)
From E-Mail: The sender’s e-mail address. (Enter the e-mail address of the person the e-mail is supposed to come from, for example support@google.com.)
To: The recipient’s e-mail address. (Enter the target person’s e-mail address.)
Subject: The subject of the e-mail to be sent.
Attachment: If there is a file to attach, you can use this option to send a file to the target as well.
Content-Type: Editor choice. (I recommend text\/html, which gives the advanced text editor.)
Text: The content of the e-mail to be sent to the target.
Captcha: Security code.
Send: Finally, when you press this button your e-mail is sent to the target person’s e-mail address.

As you can see in the images below, I tried sending an e-mail to my own address ism4ils4ygili@gmail.com that appears to come from Bill Gates; how did it turn out, nice, isn’t it? 🙂

What the received e-mail looks like (screenshot);

The e-mail’s content (screenshot);

So how can we tell whether an incoming e-mail is fake (spoofed)?
By viewing the e-mail’s source you can see the details of exactly where it came from. The From: header is filled in freely by the sender (that is exactly what the From Name and From E-Mail fields above set), so do not trust it on its own: compare the Return-Path (envelope sender) domain with the From domain, read the Received: chain from the bottom up to see which host actually handed the message to your mail server, and check the Authentication-Results header for the SPF, DKIM and DMARC verdicts your provider recorded. A spoofed message typically shows a foreign Return-Path, a first hop unrelated to the claimed sender and spf=fail or dmarc=fail (screenshot of the source below).
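The following is an added example, not code from the original post: it automates the header inspection described above with Python’s standard email library. The two raw messages are constructed for the example (every hostname, IP address and mailbox in them is made up); the first mimics what a fake-mail form produces once a receiving MTA has stamped its Return-Path, Received and Authentication-Results headers, the second is a normally authenticated message. The function names spoof_indicators, auth_results, domain_of and is_under are this example’s own.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample: visible From: claims to be Bill Gates at microsoft.com,
# while the envelope sender and the receiving MTA's verdicts point elsewhere.
SPOOFED_RAW = '''Return-Path: <bounce@fakemailer.example>
Received: from mail.fakemailer.example (mail.fakemailer.example [198.51.100.23])
        by mx.gmail.example with ESMTP id abc123
        for <victim@example.org>; Mon, 17 Aug 2015 06:12:01 +0000
Authentication-Results: mx.gmail.example;
        spf=fail (sender IP is 198.51.100.23) smtp.mailfrom=fakemailer.example;
        dkim=none;
        dmarc=fail header.from=microsoft.com
From: Bill Gates <billg@microsoft.com>
To: victim@example.org
Subject: Urgent: updated contract attached
Content-Type: text/html; charset=utf-8

Please open the attached file.
'''

# Constructed sample: a message that authenticates cleanly.
LEGIT_RAW = '''Return-Path: <notifications@example.org>
Received: from smtp.example.org (smtp.example.org [203.0.113.5])
        by mx.gmail.example with ESMTP id def456
        for <victim@example.org>; Mon, 17 Aug 2015 06:20:00 +0000
Authentication-Results: mx.gmail.example;
        spf=pass smtp.mailfrom=example.org;
        dkim=pass header.d=example.org;
        dmarc=pass header.from=example.org
From: IT Support <it@example.org>
To: victim@example.org
Subject: Maintenance window

Routine notice.
'''


def domain_of(addr) -> str:
    '''Lower-cased domain part of an address header value, or '' if absent.'''
    _, mailbox = parseaddr(str(addr) if addr else '')
    return mailbox.rpartition('@')[2].lower()


def is_under(host: str, domain: str) -> bool:
    '''True if host is domain itself or a subdomain of it.'''
    host, domain = host.lower(), domain.lower()
    return bool(domain) and (host == domain or host.endswith('.' + domain))


def auth_results(msg) -> dict:
    '''Extract spf/dkim/dmarc verdicts from Authentication-Results headers.'''
    verdicts = {}
    for header in msg.get_all('Authentication-Results', []):
        # Form: "authserv-id; method=result (comment) prop=value; method=result ..."
        for clause in str(header).split(';')[1:]:
            clause = clause.strip()
            for method in ('spf', 'dkim', 'dmarc'):
                if clause.startswith(method + '='):
                    verdicts[method] = clause[len(method) + 1:].split()[0].lower()
    return verdicts


def spoof_indicators(raw: str) -> list:
    '''Return the reasons a message looks spoofed (empty list = nothing found).

    The From: header is chosen by the sender and is never authenticated by
    itself, so it is compared against what the receiving MTA recorded: the
    envelope sender (Return-Path), the SPF/DKIM/DMARC verdicts it wrote into
    Authentication-Results, and the host that actually handed the mail over.
    '''
    msg = message_from_string(raw, policy=policy.default)
    reasons = []
    from_domain = domain_of(msg.get('From'))
    return_path_domain = domain_of(msg.get('Return-Path'))

    if return_path_domain and return_path_domain != from_domain:
        reasons.append(f'Return-Path domain {return_path_domain!r} != From domain {from_domain!r}')

    verdicts = auth_results(msg)
    for method in ('spf', 'dkim', 'dmarc'):
        result = verdicts.get(method, 'missing')
        if result != 'pass':
            reasons.append(f'{method}={result}')

    # The last Received: header is the earliest hop, i.e. the one nearest the sender.
    # Heuristic only: legitimate third-party senders also fail it, so the
    # authenticated verdicts above carry more weight than this check.
    received = msg.get_all('Received', [])
    if received:
        tokens = str(received[-1]).split()
        sending_host = tokens[1] if len(tokens) > 1 and tokens[0] == 'from' else ''
        if sending_host and not is_under(sending_host, from_domain):
            reasons.append(f'first hop {sending_host!r} is not under {from_domain!r}')
    return reasons


if __name__ == '__main__':
    for label, raw in (('spoofed', SPOOFED_RAW), ('legit', LEGIT_RAW)):
        print(label, spoof_indicators(raw) or 'no findings')
```

Running the block prints five findings for the spoofed sample (foreign Return-Path, spf=fail, dkim=none, dmarc=fail, unrelated first hop) and no findings for the legitimate one; paste the source of a real message into spoof_indicators to apply the same checks.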

All the best..

Furkan SANDAL
","protected":false},"excerpt":{"rendered":"

Hello friends. I will cover Fake (spoofed) Mail, one of the most frequently used methods in social engineering attacks, and what measures can be taken against it…
","protected":false},"author":1,"featured_media":477,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":""},"categories":[6,1,9,10,7,4],"tags":[78,76,88,89,26,83,81,79,82,77,80,84,85,87,86],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/furkansandal.com\/wp-content\/uploads\/2015\/08\/tekno.jpg?fit=480%2C343&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6BM7I-8d","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/509"}],"collection":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/comments?post=509"}],"version-history":[{"count":0,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/509\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media\/477"}],"wp:attachment":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media?parent=509"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/categories?post=509"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/tags?post=509"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}