{"id":620,"date":"2015-08-23T10:51:27","date_gmt":"2015-08-23T07:51:27","guid":{"rendered":"https:\/\/furkansandal.com\/mr-robot-raspberry-pi-2-ile-shell-acma\/"},"modified":"2015-08-23T22:04:25","modified_gmt":"2015-08-23T19:04:25","slug":"mr-robot-raspberry-pi-2-ile-shell-acma","status":"publish","type":"post","link":"https:\/\/furkansandal.com\/mr-robot-raspberry-pi-2-ile-shell-acma\/","title":{"rendered":"Mr. Robot – Raspberry Pi 2 ile Shell A\u00e7ma"},"content":{"rendered":"
\n
\n
\"\"<\/div>\n


\n<\/span> Sistemi ele ge\u00e7irmenin birden fazla yolu bulunabilir. \u0130yi g\u00fcvenlik uygulam\u0131\u015f sistemi uzaktan ele ge\u00e7irmek zordur. Bazen local a\u011f zaafiyetinden yararlanarak sistemi ele ge\u00e7irilebilir. Bu yaz\u0131da raspberry pi <\/b>cihaz\u0131n\u0131 kullanarak nas\u0131l reverse shell <\/b>a\u00e7\u0131laca\u011f\u0131ndan bahsedece\u011fiz.<\/span><\/p>\n<\/div>\n

Mr. Robot dizisinde 6. b\u00f6l\u00fcmde senaryoda oldu\u011fu gibi uzak netwok’den \u00e7ok iyi korunan bir firman\u0131n local a\u011f\u0131na fiziksel olarak girdikten sonra raspberry pi cihaz\u0131n\u0131 local network’e dahil ettiler. Daha sonra cihaz ba\u015flar ba\u015flamaz belirlenen IP adresine belli aral\u0131klarala s\u00fcrekli shell a\u00e7ma iste\u011fi g\u00f6nderecek \u015fekilde ayarlad\u0131lar. Uzaktan sald\u0131rgan da bu iste\u011fi kullanarak local a\u011fa dahil oldu. <\/span>
\n
\n<\/span><\/div>\n
Biz de bu senaryonun ayn\u0131s\u0131n\u0131 ger\u00e7ekle\u015ftirmeye \u00e7al\u0131\u015faca\u011f\u0131z. <\/span>
\n
\n<\/span><\/div>\n

Raspberry pi hakk\u0131nda k\u00fc\u00e7\u00fck bir bilgi vereyim. Raspberry pi kredi kart\u0131 boyunda bir k\u00fc\u00e7\u00fck bilgisayard\u0131r. Raspberry pi ile normal bir bilgisayarda yapabildiklerinizi \u00f6rne\u011fin, g\u00f6r\u00fcnt\u00fc i\u015flemleri, word, excel vb. i\u015flemlerini ger\u00e7ekle\u015ftirebilirsiniz. Raspberry pi \u00fczerine Windows 10 (Raspberry pi 2<\/b>) ve Linux kurulabilmektedir. Raspberry pi genel olarak geni\u015f bir kullan\u0131m alan\u0131 mevcuttur. Biz ise burada bir firman\u0131n nas\u0131l ele ge\u00e7irebilece\u011finden bahsedece\u011fiz.<\/span>
\n
\n<\/span><\/p>\n

Raspberry pi <\/b>\u00fczerine kali veya farkl\u0131 bir linux da\u011f\u0131l\u0131m\u0131 kurabilirsiniz. Biz burada kali kullanaca\u011f\u0131z. Kali \u00fczerine ba\u015flar ba\u015flamaz a\u015fa\u011f\u0131daki script \u00e7al\u0131\u015facakt\u0131r(Script dosya ad\u0131: reverseShellStartup.sh<\/b>). Bu kod 10 dakika aral\u0131klarla belirlenen IP adresine istekte bulunacakt\u0131r. Bu konu hakk\u0131nda daha fazla bilgi edinmek i\u00e7in buradan<\/a> yararlanabilirsiniz.\u00a0<\/span>
\n
\n<\/span><\/p>\n
\"\"<\/div>\n
kullanici_adi : uzak pc adi<\/span><\/div>\n
IP: uzak bilgisayar\u0131n d\u0131\u015f IP adresi olacak.<\/span><\/div>\n
A\u015fa\u011f\u0131daki kodu yazarak shell kodumuza \u00e7al\u0131\u015ft\u0131rma izni verece\u011fiz.<\/span><\/div>\n

| chmod u+x reverseShellStartup.sh<\/span><\/p>\n

\"\"<\/div>\n
Bu kodu yazd\u0131ktan sonra raspberry pi cihaz\u0131 ba\u015flad\u0131\u011f\u0131nda bizim yazd\u0131\u011f\u0131m\u0131z script ba\u015flamas\u0131 i\u00e7in start up’a eklememiz gerekmektedir.<\/span><\/div>\n
Eklemek i\u00e7in \/etc\/rc.local<\/b> dosyas\u0131n\u0131n i\u00e7ersine bizim haz\u0131rlad\u0131\u011f\u0131m\u0131z reverseShellStartup.sh<\/b> dizini eklemeliyiz.<\/span><\/div>\n
\"\"<\/div>\n

Raspberry pi local network’e ba\u011flan\u0131p istek olu\u015fturduktan sonra uzaktaki sald\u0131rgan sisteme girmeye haz\u0131rd\u0131r.<\/span><\/p>\n

Bize istek geldikten sonra a\u015fa\u011f\u0131daki kod yaz\u0131l\u0131r.<\/span><\/div>\n

| ssh localhost \u2013p 8000<\/span><\/p>\n

Ve art\u0131k sisteme girilmi\u015f, uzaktan sistemi kontrol edilebilir durumdad\u0131r.<\/span><\/div>\n
\"\"<\/div>\n
\"\"<\/div>\n

Art\u0131k sald\u0131rgan network \u00fczerinde istedi\u011fini yapabilir.<\/span><\/p>\n<\/div>\n<\/div>\n

Furkan SANDAL <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Sistemi ele ge\u00e7irmenin birden fazla yolu bulunabilir. \u0130yi g\u00fcvenlik uygulam\u0131\u015f sistemi uzaktan ele ge\u00e7irmek zordur. Bazen local a\u011f zaafiyetinden yararlanarak…<\/p>\n","protected":false},"author":1,"featured_media":621,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","footnotes":""},"categories":[6,1,9,10,3,7,11,4],"tags":[78,76,92,88,89,26,91,83,95,93,81,90,97,98,94,96,79,82,77,80,84,85,87,86],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/furkansandal.com\/wp-content\/uploads\/2015\/08\/hacks-mr-robot-build-hacking-raspberry-pi-2.jpg?fit=640%2C244&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6BM7I-a0","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/620"}],"collection":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/comments?post=620"}],"version-history":[{"count":0,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/posts\/620\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media\/621"}],"wp:attachment":[{"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/media?parent=620"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/categories?post=620"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/furkansandal.com\/wp-json\/wp\/v2\/tags?post=620"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}