<h1>Drupal Sites at Risk</h1>
<p>Published 14 January 2016 (News) at https://www.ihs.com.tr/blog/drupal-siteleri-risk-altinda/</p>
<p>The update mechanism of the popular content management system <strong>Drupal</strong> lets attackers trick administrators into installing malicious updates.</p>
<p><strong>Fernando Arnaboldi</strong> of the security firm IOActive found that Drupal does not warn administrators when the update check fails, for example because the update server cannot be reached. As a result, the administration panel keeps reporting that the CMS is up to date even when it is not.</p>
<p><a href="https://www.ihs.com.tr/blog/wp-content/uploads/2016/01/Drupal-açığı.png"><img src="https://www.ihs.com.tr/blog/wp-content/uploads/2016/01/Drupal-açığı-300x110.png" alt="Drupal vulnerability" width="300" height="110" /></a></p>
<p>This matters because attackers exploit vulnerabilities in popular content management systems such as Drupal, WordPress or Joomla almost immediately. In one incident in 2014, attackers started exploiting a flaw within seven hours of Drupal publishing a critical patch.</p>
<p>Digging further, Arnaboldi found that Drupal's update checks are not performed over HTTPS. The connections are therefore unencrypted and can be intercepted and altered by an attacker positioned on the path between the site and the update server.</p>
<p>The CMS first fetches an XML file from the updates.drupal.org server and compares the versions listed in it with the installed version. If the XML file lists a newer version, the CMS shows a notice in the administration panel that an update is available. The notice also contains a link from which the new version can be downloaded.</p>
<p>This means an attacker able to tamper with the traffic between a Drupal site and the Drupal update server can serve a forged XML file that directs administrators to a backdoored version of the CMS.</p>
<p>Because Drupal core updates are applied manually, the attacker has to wait for the administrator to download and install the fake update.</p>
<p>Updating Drupal modules, by contrast, is semi-automatic: when the administrator clicks the install button for module updates, the module is downloaded and installed automatically.</p>
<p>Module updates are equally unprotected and open to tampering. With a forged module update, attackers can execute code on the web server or access the site's database.</p>
<p>The third problem concerns the link that lets administrators trigger an update check manually, which is vulnerable to cross-site request forgery. If an administrator visits a web site under the attacker's control, that site can silently make the administrator's browser send update-check requests to the Drupal installation over and over.</p>
<p>The forged requests ride on the administrator's authenticated session, and the attack forces the targeted site to query updates.drupal.org repeatedly, exhausting its network bandwidth.</p>
<p>These issues have not yet been fixed, so Arnaboldi writes in his <a href="http://blog.ioactive.com/2016/01/drupal-insecure-update-process.html" rel="nofollow">blog post</a> that, for now, Drupal administrators are better off performing all Drupal core and module updates manually.</p>
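<p>The update check described above (the XML feed fetched from updates.drupal.org over plain HTTP, the version comparison, and the download link shown in the notice), together with the silent-failure problem from the opening paragraphs, as an added example that is neither the article's nor Drupal's own code. The two feeds are constructed for this example: their element names follow the shape of the public release-history feed, but the versions, URLs and the spoofed host are invented, and <code>TRUSTED_HOSTS</code> is an assumption made for the hardened check.</p>

```python
"""Added example, not code from the article or from Drupal itself.

It models the update check the article describes: the site fetches a
release-history XML feed from updates.drupal.org, compares the newest
listed version with the installed one and, if it is newer, shows the
administrator a download link taken from the feed. Both feeds below are
constructed for this example (element names follow the shape of the public
release-history feed; versions, URLs and the spoofed host are invented).
TRUSTED_HOSTS is an assumption for the hardened check.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed: what the update server would legitimately return.
GENUINE_FEED = """<project>
  <short_name>drupal</short_name>
  <releases>
    <release>
      <version>7.41</version>
      <status>published</status>
      <download_link>https://ftp.drupal.org/files/projects/drupal-7.41.tar.gz</download_link>
    </release>
    <release>
      <version>7.40</version>
      <status>published</status>
      <download_link>https://ftp.drupal.org/files/projects/drupal-7.40.tar.gz</download_link>
    </release>
  </releases>
</project>
"""

# Constructed: the same response after an on-path attacker rewrites the
# plaintext HTTP reply. A newer version is advertised and its download link
# now points at a host the attacker controls.
SPOOFED_FEED = GENUINE_FEED.replace(
    "<version>7.41</version>", "<version>7.99</version>"
).replace(
    "https://ftp.drupal.org/files/projects/drupal-7.41.tar.gz",
    "http://updates-drupal.example/drupal-7.99.tar.gz",
)

# Assumption: the only hosts release archives may be downloaded from.
TRUSTED_HOSTS = {"ftp.drupal.org", "www.drupal.org"}


def version_key(version):
    """Sort key for dotted numeric versions, so '7.41' sorts above '7.9'."""
    return tuple(int(part) for part in version.split("."))


def newest_release(feed_xml):
    """Return (version, download_link) of the newest published release,
    or None if the feed lists none. Raises ET.ParseError on bad XML."""
    root = ET.fromstring(feed_xml)
    releases = [
        (rel.findtext("version"), rel.findtext("download_link"))
        for rel in root.iter("release")
        if rel.findtext("status") == "published"
    ]
    return max(releases, key=lambda r: version_key(r[0])) if releases else None


def naive_update_check(feed_xml, installed):
    """The behaviour the article describes, returned as (status, detail).

    A failed fetch (feed_xml is None) raises no warning, so the panel keeps
    saying 'up_to_date'; otherwise whatever the feed advertises is trusted.
    """
    if feed_xml is None:
        return ("up_to_date", None)            # silent failure
    newest = newest_release(feed_xml)
    if newest is None or version_key(newest[0]) <= version_key(installed):
        return ("up_to_date", None)
    return ("update_available", newest[1])      # link taken straight from the feed


def hardened_update_check(feed_xml, installed, fetched_over_https):
    """Same decision with two fixes: a failed or untrustworthy check is
    reported as 'check_failed' instead of being passed off as up to date,
    and no link is shown unless the feed came over HTTPS and the link is an
    HTTPS URL on a trusted host (anything else could have been rewritten
    in transit)."""
    if feed_xml is None:
        return ("check_failed", "update server unreachable")
    if not fetched_over_https:
        return ("check_failed", "feed was not fetched over HTTPS")
    try:
        newest = newest_release(feed_xml)
    except ET.ParseError:
        return ("check_failed", "malformed update feed")
    if newest is None or version_key(newest[0]) <= version_key(installed):
        return ("up_to_date", None)
    url = urlparse(newest[1])
    if url.scheme != "https" or url.hostname not in TRUSTED_HOSTS:
        return ("check_failed", "untrusted download link: " + newest[1])
    return ("update_available", newest[1])


if __name__ == "__main__":
    for name, feed in (("genuine", GENUINE_FEED), ("spoofed", SPOOFED_FEED), ("unreachable", None)):
        print(name, "naive:", naive_update_check(feed, "7.40"))
        print(name, "hardened:", hardened_update_check(feed, "7.40", True))
```

<p>Two points the code makes concrete: a checksum carried inside the same plaintext feed would not help, because the attacker who rewrites the download link rewrites the checksum with it, so only transport security (or a signature over the feed verified against a pinned key) can make the advertised link trustworthy; and a check that cannot complete must be surfaced as a failure, since treating it as "up to date" is exactly what lets a stale, exploitable installation look healthy.</p>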
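<p>The cross-site request forgery described above, as an added example that is neither the article's nor Drupal's code: the unprotected handler models a "check for updates" link that is authorised by the session cookie alone, the protected handler demands a token bound to the administrator's session, and the simulation counts how many update-server fetches a page full of forged image requests would trigger in each case. The path, the session layout, the token scheme and the request sample are assumptions made for illustration; Drupal's own token API is not shown here.</p>

```python
"""Added example, not code from the article or from Drupal.

Models the forgeable manual update-check link: a browser that holds an
admin session will send the request for any page that embeds it, so an
attacker's page can fire it repeatedly and make the site hammer
updates.drupal.org. Binding a per-session token into the link stops this,
because the attacker's page cannot read the admin's page to obtain it.
Path, session layout and token scheme are assumptions for illustration.
"""
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlparse

# Assumed URL for illustration; the article does not give the real path.
CHECK_PATH = "/admin/reports/updates/check"


def new_admin_session():
    """Constructed server-side session for a logged-in administrator.
    The CSRF secret is generated once per session and never put in a URL."""
    return {"is_admin": True, "csrf_secret": secrets.token_bytes(32)}


def check_token(session):
    """Token bound to this session and this action: an HMAC over the action
    path keyed with the session secret, so the server can recompute it
    instead of storing every issued token."""
    return hmac.new(session["csrf_secret"], CHECK_PATH.encode(), hashlib.sha256).hexdigest()


def manual_check_link(session):
    """The link rendered into the admin page, carrying its token."""
    return CHECK_PATH + "?token=" + check_token(session)


def unprotected_handler(url, session):
    """The endpoint as the article describes it: the session is the only
    thing checked, so any page the admin's browser loads can trigger it.
    Returns True when a request to the update server would be issued."""
    if urlparse(url).path != CHECK_PATH or not session.get("is_admin"):
        return False
    return True


def protected_handler(url, session):
    """Same endpoint, now requiring the session-bound token. A cross-site
    page cannot read the admin's page (same-origin policy), so it cannot
    learn the token; compare_digest avoids leaking it through timing."""
    parsed = urlparse(url)
    if parsed.path != CHECK_PATH or not session.get("is_admin"):
        return False
    supplied = parse_qs(parsed.query).get("token", [""])[0]
    return hmac.compare_digest(supplied, check_token(session))


def forged_requests(n):
    """Constructed sample: what n <img src=...> tags on the attacker's page
    make the admin's browser send. Half carry no token at all, half carry a
    guess; the browser attaches the session cookie to every one of them."""
    without = [CHECK_PATH] * (n // 2)
    guessed = [CHECK_PATH + "?token=" + "0" * 64] * (n - n // 2)
    return without + guessed


def fetches_triggered(handler, session, urls):
    """How many of the given requests would make the site contact the
    update server under the given handler."""
    return sum(1 for url in urls if handler(url, session))


if __name__ == "__main__":
    admin = new_admin_session()
    attack = forged_requests(50)
    print("unprotected:", fetches_triggered(unprotected_handler, admin, attack), "fetches")
    print("protected:  ", fetches_triggered(protected_handler, admin, attack), "fetches")
    print("legitimate link accepted:", protected_handler(manual_check_link(admin), admin))
```

<p>The token is derived from a secret that lives only in the server-side session, so a link copied from one administrator's page is useless against another session, and a request that omits or guesses the token is rejected before any outbound connection is made. Rate-limiting the outbound fetch is a useful second layer, but on its own it does not stop a forged request from being honoured.</p>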