{"id":514,"date":"2015-08-17T15:23:12","date_gmt":"2015-08-17T12:23:12","guid":{"rendered":"https:\/\/furkansandal.com\/python-ile-banner-grabbing-mantigi\/"},"modified":"2015-08-17T15:23:12","modified_gmt":"2015-08-17T12:23:12","slug":"python-ile-banner-grabbing-mantigi","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/python-ile-banner-grabbing-mantigi\/","title":{"rendered":"Python ile Banner Grabbing Mant\u0131\u011f\u0131"},"content":{"rendered":"
\nGenellikle Vulnerability Assessment<\/b> taray\u0131c\u0131lar\u0131n\u0131n \u00e7al\u0131\u015fma mant\u0131\u011f\u0131; hedef sistemi tararken \u00f6ncelike port taramas\u0131yla hedef sistemin a\u00e7\u0131k veya filtreli portlar\u0131n\u0131 ke\u015ffeder. A\u00e7\u0131k portlarda yer alan servis bilgisini (hizmet, software vb.) ke\u015ffettikten sonra taray\u0131c\u0131n\u0131n kendi veritaban\u0131nda bulunan g\u00fcvenlik zafiyeti bar\u0131nd\u0131ran servis ismiyleyle kar\u015f\u0131la\u015ft\u0131r\u0131r e\u011fer e\u015fle\u015fiyor ise bu sistemde XYZ zafiyeti vard\u0131r demektedir…<\/p>\n

Tabi bu sadece possible yani olabilir demektir. \u00c7\u00fcnk\u00fc Vulnerability Assessment taray\u0131c\u0131lar\u0131 ke\u015ffedilen zafiyeti sistemde ger\u00e7ekten olup olmad\u0131\u011f\u0131n\u0131 do\u011frulamaz.
Evet belki hedef sistemin bir portunda \u00e7al\u0131\u015fan XYZ servisinde daha \u00f6nceden Security Reseacher<\/b>‘ler taraf\u0131ndan ke\u015ffedilmi\u015f bir zafiyet olabilir fakat hedef sistemde belki bu zafiyet fixlenmi\u015ftir (kapat\u0131lm\u0131\u015ft\u0131r)? Veya serviste sorun vard\u0131r tam \u00e7al\u0131\u015fm\u0131yordur bile.. \u0130\u015fte bu sayd\u0131\u011f\u0131m ve bunun gibi taray\u0131c\u0131lardan taraf\u0131ndan ke\u015ffedilen zafiyetlerin durumuna false-positive<\/b> demekteyiz.<\/p>\n

False-Positive kavram\u0131n\u0131 basit\u00e7e anlatan bir diyagram \u00e7izdim:<\/i><\/p>\n

\n<\/div>\n

\nYukar\u0131daki belirtti\u011fim konuya istinaden Vulnerability Assessment taray\u0131c\u0131lar\u0131n temel \u00e7al\u0131\u015fma mant\u0131\u011f\u0131n\u0131 Python’da socket mod\u00fcl\u00fcn\u00fc kullanarak belirlenen hedef sisteme 21 FTP portundan ba\u011flan\u0131p \u00f6nceden belirledi\u011fimiz zafiyet bar\u0131nd\u0131ran FTP servislerinin kar\u015f\u0131 tarafta olup olmad\u0131\u011f\u0131n\u0131 e\u015fle\u015ftiren k\u00fc\u00e7\u00fck bir uygulama yapaca\u011f\u0131z.<\/p>\n

1) Ba\u011flant\u0131 kurarak banner (servis) bilgisi elde etme:<\/i><\/b><\/p>\n

\nimport socket
socket.setdefaulttimeout(2)
s = socket.socket()
s.connect((“80.243.179.140”,21))
banner = s.recv(2048)
print “[+]\u00a0Servis Bilgisi: “+banner<\/p><\/blockquote>\n

\u00c7\u0131kt\u0131s\u0131:<\/p>\n

\n<\/div>\n

2) IF – ELIF – ELSE kullanarak zafiyet tespiti:<\/b><\/i><\/p>\n

\nimport socket\u00a0<\/p><\/blockquote>\n

\nsocket.setdefaulttimeout(2)
s = socket.socket()
s.connect((“80.243.179.140”,21))
banner = s.recv(2048)\u00a0<\/p><\/blockquote>\n

\nif (“FreeFloat Ftp Server (Version 1.00)” in banner):
\u00a0 \u00a0 print “[+] FreeFloat FTP Server zafiyet barindirmaktadir.”
elif (“ProFTPD 1.3.4c Server” in banner):
\u00a0 \u00a0 print “[+] ProFTPD Server zafiyet barindirmaktadir.”
elif (“Ability Server 2.34” in banner):
\u00a0 \u00a0 print “[+] Ability FTP Server zafiyet barindirmaktadir.”
elif (“Sami FTP Server 2.0.2” in banner):
\u00a0 \u00a0 print “[+] Sami FTP Server zafiyet barindirmaktadir.”
else:
\u00a0 \u00a0 print “[-] FTP Server’inde zafiyet bulunamadi.”<\/p><\/blockquote>\n

\n\u00c7\u0131kt\u0131s\u0131:<\/p>\n

\n<\/div>\n

Faydal\u0131 olmas\u0131 dile\u011fiyle…<\/p>\n<\/div>\n

\nFurkan SANDAL<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Genellikle Vulnerability Assessment taray\u0131c\u0131lar\u0131n\u0131n \u00e7al\u0131\u015fma mant\u0131\u011f\u0131; hedef sistemi tararken \u00f6ncelike port taramas\u0131yla hedef sistemin a\u00e7\u0131k veya filtreli portlar\u0131n\u0131 ke\u015ffeder. A\u00e7\u0131k…<\/p>\n","protected":false},"author":1,"featured_media":483,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":""},"categories":[6,1,9,10,7,4],"tags":[78,76,88,89,26,83,81,79,82,77,80,84,85,87,86],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/furkansandal.com\/wp-content\/uploads\/2015\/08\/linux-ubuntu-wallpapers-31.jpeg?fit=1600%2C1200&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6BM7I-8i","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/514"}],"collection":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/comments?post=514"}],"version-history":[{"count":0,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/514\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media\/483"}],"wp:attachment":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media?parent=514"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/categories?post=514"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/tags?post=514"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}