{"id":514,"date":"2015-08-17T15:23:12","date_gmt":"2015-08-17T12:23:12","guid":{"rendered":"https:\/\/furkansandal.com\/python-ile-banner-grabbing-mantigi\/"},"modified":"2015-08-17T15:23:12","modified_gmt":"2015-08-17T12:23:12","slug":"python-ile-banner-grabbing-mantigi","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/python-ile-banner-grabbing-mantigi\/","title":{"rendered":"Python ile Banner Grabbing Mant\u0131\u011f\u0131"},"content":{"rendered":"
Tabi bu sadece possible yani olabilir demektir. \u00c7\u00fcnk\u00fc Vulnerability Assessment taray\u0131c\u0131lar\u0131 ke\u015ffedilen zafiyeti sistemde ger\u00e7ekten olup olmad\u0131\u011f\u0131n\u0131 do\u011frulamaz.
Evet belki hedef sistemin bir portunda \u00e7al\u0131\u015fan XYZ servisinde daha \u00f6nceden Security Reseacher<\/b>‘ler taraf\u0131ndan ke\u015ffedilmi\u015f bir zafiyet olabilir fakat hedef sistemde belki bu zafiyet fixlenmi\u015ftir (kapat\u0131lm\u0131\u015ft\u0131r)? Veya serviste sorun vard\u0131r tam \u00e7al\u0131\u015fm\u0131yordur bile.. \u0130\u015fte bu sayd\u0131\u011f\u0131m ve bunun gibi taray\u0131c\u0131lardan taraf\u0131ndan ke\u015ffedilen zafiyetlerin durumuna false-positive<\/b> demekteyiz.<\/p>\n
False-Positive kavram\u0131n\u0131 basit\u00e7e anlatan bir diyagram \u00e7izdim:<\/i><\/p>\n \nYukar\u0131daki belirtti\u011fim konuya istinaden Vulnerability Assessment taray\u0131c\u0131lar\u0131n temel \u00e7al\u0131\u015fma mant\u0131\u011f\u0131n\u0131 Python’da socket mod\u00fcl\u00fcn\u00fc kullanarak belirlenen hedef sisteme 21 FTP portundan ba\u011flan\u0131p \u00f6nceden belirledi\u011fimiz zafiyet bar\u0131nd\u0131ran FTP servislerinin kar\u015f\u0131 tarafta olup olmad\u0131\u011f\u0131n\u0131 e\u015fle\u015ftiren k\u00fc\u00e7\u00fck bir uygulama yapaca\u011f\u0131z.<\/p>\n 1) Ba\u011flant\u0131 kurarak banner (servis) bilgisi elde etme:<\/i><\/b><\/p>\n \nimport socket \u00c7\u0131kt\u0131s\u0131:<\/p>\n 2) IF – ELIF – ELSE kullanarak zafiyet tespiti:<\/b><\/i><\/p>\n \nimport socket\u00a0<\/p><\/blockquote>\n \nsocket.setdefaulttimeout(2) \nif (“FreeFloat Ftp Server (Version 1.00)” in banner): \n\u00c7\u0131kt\u0131s\u0131:<\/p>\n
socket.setdefaulttimeout(2)
s = socket.socket()
s.connect((“80.243.179.140”,21))
banner = s.recv(2048)
print “[+]\u00a0Servis Bilgisi: “+banner<\/p><\/blockquote>\n
s = socket.socket()
s.connect((“80.243.179.140”,21))
banner = s.recv(2048)\u00a0<\/p><\/blockquote>\n
\u00a0 \u00a0 print “[+] FreeFloat FTP Server zafiyet barindirmaktadir.”
elif (“ProFTPD 1.3.4c Server” in banner):
\u00a0 \u00a0 print “[+] ProFTPD Server zafiyet barindirmaktadir.”
elif (“Ability Server 2.34” in banner):
\u00a0 \u00a0 print “[+] Ability FTP Server zafiyet barindirmaktadir.”
elif (“Sami FTP Server 2.0.2” in banner):
\u00a0 \u00a0 print “[+] Sami FTP Server zafiyet barindirmaktadir.”
else:
\u00a0 \u00a0 print “[-] FTP Server’inde zafiyet bulunamadi.”<\/p><\/blockquote>\n