{"id":477438,"date":"2023-08-09T09:14:50","date_gmt":"2023-08-09T09:14:50","guid":{"rendered":""},"modified":"2023-09-05T11:14:42","modified_gmt":"2023-09-05T11:14:42","slug":"heap-spray","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/tr\/wiki\/heap-spray\/","title":{"rendered":"Y\u0131\u011f\u0131n spreyi"},"content":{"rendered":"

Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, bilgisayar korsanlar\u0131 taraf\u0131ndan, genellikle bir yaz\u0131l\u0131m g\u00fcvenlik a\u00e7\u0131\u011f\u0131na y\u00f6nelik bir istismar\u0131n par\u00e7as\u0131 olarak, rastgele kod y\u00fcr\u00fct\u00fclmesini kolayla\u015ft\u0131rmak i\u00e7in kullan\u0131lan bir tekniktir. K\u00f6t\u00fc ama\u00e7l\u0131 y\u00fck i\u00e7eren \u00e7ok say\u0131da "y\u0131\u011f\u0131n" veri yap\u0131s\u0131n\u0131 tahsis ederek \u00e7al\u0131\u015f\u0131r, b\u00f6ylece \u00f6rne\u011fin bir arabellek ta\u015fmas\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n sald\u0131rgan\u0131n kodunun y\u00fcr\u00fct\u00fclmesiyle sonu\u00e7lanma olas\u0131l\u0131\u011f\u0131n\u0131 art\u0131r\u0131r.<\/p>\n

Y\u0131\u011f\u0131n Spreyi'nin Do\u011fu\u015fu ve \u0130lk S\u00f6z\u00fc<\/h2>\n

Bir istismar tekni\u011fi olarak y\u0131\u011f\u0131n p\u00fcsk\u00fcrtmenin k\u00f6kleri, internetin yayg\u0131n bir pop\u00fclerlik kazand\u0131\u011f\u0131 ve siber g\u00fcvenli\u011fin bug\u00fcnk\u00fc kadar g\u00fc\u00e7l\u00fc olmad\u0131\u011f\u0131 1990'lar\u0131n sonlar\u0131na ve 2000'lerin ba\u015flar\u0131na dayanmaktad\u0131r. \u0130lk \u00f6nemli s\u00f6z\u00fc, tekni\u011fe ili\u015fkin kapsaml\u0131 a\u00e7\u0131klamalar ve \u00f6rnekler sunan etik hacker ve siber g\u00fcvenlik uzman\u0131 SkyLined'in \u00e7al\u0131\u015fmas\u0131nda oldu. SkyLined'in g\u00f6r\u00fc\u015fleri, y\u0131\u011f\u0131n p\u00fcsk\u00fcrtmenin bir tehdit vekt\u00f6r\u00fc olarak ciddiyetinin g\u00f6sterilmesine yard\u0131mc\u0131 oldu ve bunun etkilerini hafifletmeye y\u00f6nelik \u00e7abalar\u0131n artmas\u0131na yol a\u00e7t\u0131.<\/p>\n

Y\u0131\u011f\u0131n Spreyi: Derinlemesine Bir \u0130nceleme<\/h2>\n

Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, y\u0131\u011f\u0131n\u0131n (bilgisayar\u0131n belle\u011finin dinamik bellek tahsisi i\u00e7in kullan\u0131lan bir b\u00f6lgesi), genellikle "NOP k\u0131za\u011f\u0131" veya "NOP slayt\u0131" olarak adland\u0131r\u0131lan, belirli bir bayt dizisi i\u00e7eren veri par\u00e7alar\u0131yla doldurulmas\u0131n\u0131 i\u00e7erir. \u0130stismar\u0131n ger\u00e7ek y\u00fck\u00fc, genellikle bir kabuk kodu, bu dizinin sonuna yerle\u015ftirilir. Bu d\u00fczenleme, bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n talimat i\u015faret\u00e7isi kontrol\u00fcne izin vermesi durumunda, esas olarak veri y\u00fck\u00fcne y\u00f6nelik y\u00fcr\u00fctme ak\u0131\u015f\u0131n\u0131 "y\u00f6nlendirir".<\/p>\n

Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, \u00f6ncelikle bellek hatas\u0131, genellikle arabellek ta\u015fmas\u0131 veya serbest kullan\u0131m sonras\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131 i\u00e7eren yaz\u0131l\u0131m programlar\u0131na y\u00f6nelik sald\u0131r\u0131larda kullan\u0131l\u0131r. Bu hatalar, bir sald\u0131rgan\u0131n bir bellek adresinin \u00fczerine yazmas\u0131na izin verebilir; bu adres, tam olarak manip\u00fcle edilirse, y\u00fcr\u00fctmeyi heap'e y\u00f6nlendirmek i\u00e7in kullan\u0131labilir. Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, y\u0131\u011f\u0131n\u0131n buna "haz\u0131rlanmas\u0131na" yard\u0131mc\u0131 olur ve yeniden y\u00f6nlendirilmi\u015f bir y\u00fcr\u00fctmenin sald\u0131rgan\u0131n y\u00fck\u00fcne ula\u015fma olas\u0131l\u0131\u011f\u0131n\u0131 art\u0131r\u0131r.<\/p>\n

Y\u0131\u011f\u0131n P\u00fcsk\u00fcrtme Nas\u0131l \u00c7al\u0131\u015f\u0131r: Tekni\u011fin \u0130ncelenmesi<\/h2>\n

Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, y\u0131\u011f\u0131n alan\u0131n\u0131 istenen bayt dizisinin kopyalar\u0131yla doldurarak \u00e7al\u0131\u015f\u0131r. \u0130\u015fte prosed\u00fcr\u00fcn basitle\u015ftirilmi\u015f bir s\u0131ras\u0131:<\/p>\n

    \n
  1. Y\u0131\u011f\u0131n spreyi genellikle bir web ortam\u0131ndaki JavaScript arac\u0131l\u0131\u011f\u0131yla tetiklenir.<\/li>\n
  2. Y\u0131\u011f\u0131n spreyi, y\u0131\u011f\u0131n\u0131 sald\u0131rgan\u0131n verilerini i\u00e7eren birden fazla bellek blo\u011fuyla doldurur.<\/li>\n
  3. P\u00fcsk\u00fcrt\u00fclen veriler, istismar\u0131n y\u00fck\u00fcne yol a\u00e7an bir NOP k\u0131za\u011f\u0131yla yap\u0131land\u0131r\u0131lm\u0131\u015ft\u0131r.<\/li>\n
  4. \u0130stismar edilebilir bir hata mevcutsa, y\u00fcr\u00fctme iste\u011fe ba\u011fl\u0131 bir bellek adresine yeniden y\u00f6nlendirilebilir.<\/li>\n
  5. P\u00fcsk\u00fcrt\u00fclen verilerin yayg\u0131n varl\u0131\u011f\u0131 g\u00f6z \u00f6n\u00fcne al\u0131nd\u0131\u011f\u0131nda, bu yeniden y\u00f6nlendirmenin sald\u0131rgan\u0131n veri y\u00fck\u00fcne yol a\u00e7ma ihtimali y\u00fcksek.<\/li>\n
  6. Daha sonra y\u00fck y\u00fcr\u00fct\u00fcl\u00fcr ve sald\u0131rgana istenen sonu\u00e7 sa\u011flan\u0131r, genellikle sistemin uzaktan kontrol\u00fc sa\u011flan\u0131r.<\/li>\n<\/ol>\n

    Y\u0131\u011f\u0131n Spreyinin Temel \u00d6zellikleri<\/h2>\n

    Y\u0131\u011f\u0131n spreyi birka\u00e7 temel \u00f6zellik ile karakterize edilir:<\/p>\n

      \n
    1. Artan Sald\u0131r\u0131 Ba\u015far\u0131 Oran\u0131:<\/strong> Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, bellek bozulmas\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan ba\u015far\u0131yla yararlanma \u015fans\u0131n\u0131 art\u0131r\u0131r.<\/li>\n
    2. Bellek Manip\u00fclasyonu:<\/strong> Rastgele kod y\u00fcr\u00fct\u00fclmesini kolayla\u015ft\u0131rmak i\u00e7in i\u015flem belle\u011finin durumunu y\u00f6netir.<\/li>\n
    3. \u00c7e\u015fitli Ortamlarda Kullan\u0131labilir:<\/strong> Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, web taray\u0131c\u0131lar\u0131 veya sunucu uygulamalar\u0131 gibi \u00e7ok say\u0131da ortamda kullan\u0131labilir.<\/li>\n
    4. \u00c7o\u011funlukla Di\u011fer \u0130stismarlarla E\u015fle\u015ftirilir:<\/strong> Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme genellikle istenen sonuca ula\u015fmak i\u00e7in di\u011fer g\u00fcvenlik a\u00e7\u0131\u011f\u0131 istismarlar\u0131yla birlikte kullan\u0131l\u0131r.<\/li>\n<\/ol>\n

      Y\u0131\u011f\u0131n Sprey \u00c7e\u015fitleri<\/h2>\n

      Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme teknikleri, kullan\u0131m ortam\u0131na ve y\u00fck da\u011f\u0131t\u0131m\u0131n\u0131n niteli\u011fine g\u00f6re kategorize edilebilir.<\/p>\n\n\n\n\n\n\n\n\n
      Tip<\/th>\nTan\u0131m<\/th>\n<\/tr>\n<\/thead>\n
      JavaScript Y\u0131\u011f\u0131n Spreyi<\/td>\nWeb tabanl\u0131 sald\u0131r\u0131larda kullan\u0131lan JavaScript, y\u0131\u011f\u0131n\u0131 k\u00f6t\u00fc ama\u00e7l\u0131 y\u00fcklerle doldurmak i\u00e7in kullan\u0131l\u0131r.<\/td>\n<\/tr>\n
      Fla\u015f Y\u0131\u011f\u0131n Spreyi<\/td>\nSpreyi genellikle web ortamlar\u0131nda y\u00fcr\u00fctmek i\u00e7in Adobe Flash'\u0131 kullan\u0131r.<\/td>\n<\/tr>\n
      Java Y\u0131\u011f\u0131n Spreyi<\/td>\nWeb tabanl\u0131 sald\u0131r\u0131lar\u0131n ba\u015fka bir y\u00f6ntemi olan sprey i\u00e7in Java uygulamalar\u0131n\u0131 kullan\u0131r.<\/td>\n<\/tr>\n
      Hassas Y\u0131\u011f\u0131n Spreyi<\/td>\nY\u0131\u011f\u0131ndaki belirli nesneleri hedef al\u0131r ve serbest kullan\u0131mdan sonra kullan\u0131mda faydal\u0131d\u0131r.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      Y\u0131\u011f\u0131n Spreyi Uygulamalar\u0131, Zorluklar\u0131 ve \u00c7\u00f6z\u00fcmleri<\/h2>\n

      Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme, a\u011f\u0131rl\u0131kl\u0131 olarak siber d\u00fcnyadaki sald\u0131rganlar taraf\u0131ndan yaz\u0131l\u0131m a\u00e7\u0131klar\u0131ndan yararlanmak i\u00e7in kullan\u0131l\u0131yor. Geli\u015fmi\u015f k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n olu\u015fturulmas\u0131nda ve geli\u015fmi\u015f kal\u0131c\u0131 tehditlerin (APT'ler) ger\u00e7ekle\u015ftirilmesinde yayg\u0131n olarak kullan\u0131lmaktad\u0131r.<\/p>\n

      G\u00fcvenlik a\u00e7\u0131s\u0131ndan y\u0131\u011f\u0131n p\u00fcsk\u00fcrtmeyle ilgili temel zorluk, bunun tespiti ve \u00f6nlenmesidir. Geleneksel imza tabanl\u0131 g\u00fcvenlik \u00e7\u00f6z\u00fcmleri, dinamik do\u011falar\u0131 nedeniyle y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme sald\u0131r\u0131lar\u0131n\u0131 tespit etmekte zorlan\u0131r. Bu nedenle, modern \u00e7\u00f6z\u00fcmler davran\u0131\u015f tabanl\u0131 tespite ve Adres Alan\u0131 D\u00fczeni Rastgelele\u015ftirme (ASLR) ve Veri Y\u00fcr\u00fctme Engelleme (DEP) gibi istismar azaltma tekniklerinin kullan\u0131m\u0131na dayan\u0131r.<\/p>\n

      Kar\u015f\u0131la\u015ft\u0131rmalar ve \u00d6zellikler<\/h2>\n

      Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtmeyi y\u0131\u011f\u0131n d\u00f6nd\u00fcrme ve geri d\u00f6n\u00fc\u015f odakl\u0131 programlama (ROP) gibi di\u011fer benzer tekniklerle kar\u015f\u0131la\u015ft\u0131r\u0131ld\u0131\u011f\u0131nda y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme basitli\u011fi ve y\u00fcksek ba\u015far\u0131 oran\u0131yla \u00f6ne \u00e7\u0131k\u0131yor. Bu tekniklerin her birinin benzersiz \u00f6zellikleri ve kullan\u0131m durumlar\u0131 olsa da, hepsi rastgele kod y\u00fcr\u00fctmek i\u00e7in bellek bozulmas\u0131 g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanmaya y\u00f6nelik tekniklerdir.<\/p>\n\n\n\n\n\n\n\n
      Teknik<\/th>\n\u00d6zellikler<\/th>\n<\/tr>\n<\/thead>\n
      Y\u0131\u011f\u0131n Spreyi<\/td>\nBasit, bellek bozulmas\u0131 istismarlar\u0131n\u0131n ba\u015far\u0131 oran\u0131n\u0131 art\u0131rmak i\u00e7in kullan\u0131l\u0131r.<\/td>\n<\/tr>\n
      Y\u0131\u011f\u0131n D\u00f6nd\u00fcrme<\/td>\nKarma\u015f\u0131kt\u0131r, y\u0131\u011f\u0131n i\u015faret\u00e7ilerini ba\u015fka bir konuma y\u00f6nlendirir ve genellikle arabellek ta\u015fmas\u0131 sald\u0131r\u0131lar\u0131nda kullan\u0131l\u0131r.<\/td>\n<\/tr>\n
      ROP<\/td>\nKarma\u015f\u0131kt\u0131r, belirli istismar azalt\u0131mlar\u0131n\u0131 atlayarak bellekteki mevcut kod par\u00e7ac\u0131klar\u0131ndan ("ara\u00e7lar") yararlan\u0131r.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      Gelecek Perspektifleri ve Teknolojiler<\/h2>\n

      Y\u0131\u011f\u0131n p\u00fcsk\u00fcrtmenin etkinli\u011fi, bellek rastgelele\u015ftirme ve y\u00fcr\u00fctme \u00f6nleme tekniklerinin uygulanmas\u0131yla zamanla azalm\u0131\u015ft\u0131r. Ancak sald\u0131rganlar, bu korumalar\u0131 atlatmak i\u00e7in daha karma\u015f\u0131k ve hassas y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme teknikleri geli\u015ftirerek y\u00f6ntemlerini geli\u015ftirmeye devam ediyor. \u00d6rne\u011fin, tam zaman\u0131nda (JIT) p\u00fcsk\u00fcrtme, bellekteki JIT taraf\u0131ndan derlenmi\u015f kodu i\u015fleyerek DEP'yi atlamak i\u00e7in geli\u015ftirilmi\u015f bir tekniktir.<\/p>\n

      Proxy Sunucular\u0131 ve Y\u0131\u011f\u0131n Spreyi<\/h2>\n

      Sald\u0131r\u0131n\u0131n kayna\u011f\u0131n\u0131 maskelemek i\u00e7in y\u0131\u011f\u0131n p\u00fcsk\u00fcrtme sald\u0131r\u0131s\u0131 ba\u011flam\u0131nda proxy sunuculardan yararlan\u0131labilir, bu da ara\u015ft\u0131rmac\u0131lar\u0131n sald\u0131r\u0131n\u0131n kayna\u011f\u0131n\u0131n izini s\u00fcrmesini zorla\u015ft\u0131r\u0131r. \u00d6te yandan, g\u00fcvenli proxy sunucular\u0131 ayn\u0131 zamanda bir savunma katman\u0131 g\u00f6revi de g\u00f6rebilir, bilinen k\u00f6t\u00fc ama\u00e7l\u0131 trafi\u011fi engelleyebilir veya istemci sistemlerini potansiyel olarak zararl\u0131 i\u00e7eri\u011fe do\u011frudan maruz kalmaktan yal\u0131tabilir.<\/p>\n

      \u0130lgili Ba\u011flant\u0131lar<\/h2>\n