{"id":298,"date":"2018-06-11T17:02:32","date_gmt":"2018-06-11T14:02:32","guid":{"rendered":"https:\/\/www.bilisimkurdu.cf\/?p=298"},"modified":"2018-06-11T17:02:32","modified_gmt":"2018-06-11T14:02:32","slug":"db-config-ini-php-analizi","status":"publish","type":"post","link":"http:\/\/localhost\/bilisimkurdu\/db-config-ini-php-analizi\/","title":{"rendered":"&#8220;db-config-ini.php&#8221; analizi"},"content":{"rendered":"<p>Merhabalar,<\/p>\n<p>Bug\u00fcn yapm\u0131\u015f oldu\u011fum analizi payla\u015fmak istiyorum.<\/p>\n<p>Ama pek ayr\u0131nt\u0131l\u0131 analiz yapabilmi\u015f de\u011filim dikkatinizi \u00e7ekmek isterim.<\/p>\n<p><!--more--><\/p>\n<p>USOM&#8217;u bilenler bilir ama bilmeyenler i\u00e7in\u00a0BTK&#8217;ya ba\u011fl\u0131 Ulusal Siber Olaylara M\u00fcdahale Merkezi&#8217;dir.Zaman zaman analiz etti\u011fi zararl\u0131 URL&#8217;leri a\u015fa\u011f\u0131daki gibi inceledim.<\/p>\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li>Ba\u015fl\u0131kta belirtti\u011fim &#8220;db-config-ini.php&#8221; dosyas\u0131 zararl\u0131 URL olarak tespit edilmi\u015f ve WordPress sitelerinde oldu\u011funu analiz ettim.<\/li>\n<li>Listedeki baz\u0131 web sitelerini inceledi\u011fimde temalar nulled oldu\u011funu analiz ettim. \u015eu maddeyi biraz a\u00e7arsam;<br \/>\nUSOM&#8217;un zararl\u0131 link kategorilerine ekledi\u011fi siteyi inceleyece\u011fim.<br \/>\nSite : cns.com.pk<br \/>\nLink : cns.com.pk\/wp-includes\/theme-compat\/db-config-ini.php<br \/>\nWeb sitesi wordpress sitesi oldu\u011fu i\u00e7in temas\u0131n\u0131 analiz ettim.<br \/>\n<img src=\"https:\/\/i.hizliresim.com\/EDYQdv.jpg\" alt=\"\" \/><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<p>Resimdeki gibi site BeTheme temas\u0131n\u0131 kullanmakta ve kullan\u0131mda bulunan tema \u00fccretli.<br \/>\nLink : <a href=\"https:\/\/themeforest.net\/item\/betheme-responsive-multipurpose-wordpress-theme\/7758048\">https:\/\/themeforest.net\/item\/betheme-responsive-multipurpose-wordpress-theme\/7758048<\/a><br \/>\nGoogle \u00fczerinden teman\u0131n nulled versiyonu i\u00e7in arama yapt\u0131m ve buldu\u011fum linki Virus Total \u00fczerinden analiz ettim.<br \/>\nLink : <a href=\"https:\/\/www.virustotal.com\/#\/url\/fcbf61d8b16232ebcb5608d65bf7f771ac0c4293d6fc5c4f0cebfbe1ea306f3a\/detection\">https:\/\/www.virustotal.com\/#\/url\/fcbf61d8b16232ebcb5608d65bf7f771ac0c4293d6fc5c4f0cebfbe1ea306f3a\/detection<\/a><br \/>\nLinkteki bilgiye g\u00f6re iki farkl\u0131 antivir\u00fcs taraf\u0131ndan tespit edilmi\u015f (Malcious,Malware)<\/li>\n<\/ol>\n<p>Yani diyece\u011fim o ki temaya bele\u015fe alaca\u011f\u0131m diye nulled tema y\u00fcklemeyiniz. Nulled temalar\u0131n \u00e7o\u011funda exploit(zaafiyeti kullanmak) olu\u015fturacak a\u00e7\u0131klar meydana getirir ve web siteniz zarar g\u00f6rme ihtimali y\u00fcksektir.<br \/>\nUSOM zararl\u0131 link listesi : <a href=\"https:\/\/www.usom.gov.tr\/zararli-baglantilar\/1.html\">https:\/\/www.usom.gov.tr\/zararli-baglantilar\/1.html<\/a><\/p>\n<p>En ulvi sayg\u0131larmla.<br \/>\nLisan\u0131 s\u00fcr\u00e7 ettiysek affola.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Merhabalar, Bug\u00fcn yapm\u0131\u015f oldu\u011fum analizi payla\u015fmak istiyorum. Ama pek ayr\u0131nt\u0131l\u0131 analiz yapabilmi\u015f de\u011filim dikkatinizi \u00e7ekmek isterim.<\/p>\n","protected":false},"author":3,"featured_media":299,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[81,88],"tags":[141,254,255,265,306,359,475,712,784,820],"_links":{"self":[{"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/posts\/298"}],"collection":[{"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/comments?post=298"}],"version-history":[{"count":0,"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/posts\/298\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/media\/299"}],"wp:attachment":[{"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/media?parent=298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/categories?post=298"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/localhost\/bilisimkurdu\/wp-json\/wp\/v2\/tags?post=298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}