{"id":12171,"date":"2024-04-01T12:00:23","date_gmt":"2024-04-01T09:00:23","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=12171"},"modified":"2024-04-01T12:00:23","modified_gmt":"2024-04-01T09:00:23","slug":"wi-fi-pmkid-attack","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/wi-fi-pmkid-attack\/12171\/","title":{"rendered":"PMKID sald\u0131r\u0131s\u0131 kullanarak Wi-Fi hackleme"},"content":{"rendered":"<p>Kablosuz a\u011f\u0131n\u0131z\u0131n g\u00fcvenli\u011fi konusunda endi\u015fe duymak baz\u0131lar\u0131n\u0131n d\u00fc\u015f\u00fcnd\u00fc\u011f\u00fc kadar paranoyak\u00e7a de\u011fildir. Bir\u00e7ok y\u00f6nlendiricide, WPA\/WPA2 korumal\u0131 Wi-Fi a\u011f\u0131n\u0131z\u0131 olduk\u00e7a savunmas\u0131z hale getiren bir ayar varsay\u0131lan olarak etkindir. Bu yaz\u0131da, bu ayar\u0131 kullanan kablosuz a\u011flar\u0131 hacklemenin en etkili y\u00f6ntemlerinden birini ve buna kar\u015f\u0131 nas\u0131l korunaca\u011f\u0131n\u0131z\u0131 tart\u0131\u015faca\u011f\u0131z.<\/p>\n<h2>WPA\/WPA2-PSK\u2019ya y\u00f6nelik en basit ve en etkili sald\u0131r\u0131: PMKID sald\u0131r\u0131s\u0131<\/h2>\n<p>PMKID sald\u0131r\u0131s\u0131, WPA\/WPA2 standartlar\u0131yla korunan kablosuz a\u011flara sald\u0131rman\u0131n en etkili, y\u00fcr\u00fctmesi kolay ve tamamen tespit edilemez y\u00f6ntemidir. Bu sald\u0131r\u0131 \u00f6z\u00fcnde, a\u011fa hi\u00e7bir cihaz ba\u011fl\u0131 olmasa bile kablosuz y\u00f6nlendiricilerin s\u00fcrekli olarak yay\u0131nlad\u0131\u011f\u0131 \u015fifrelenmi\u015f Wi-Fi parolalar\u0131n\u0131 ele ge\u00e7irmeyi i\u00e7erir. \u015eifrelenmi\u015f parolay\u0131 elde eden sald\u0131rgan, parolan\u0131n \u015fifresini \u00e7\u00f6zmek i\u00e7in <a target=\"_blank\" href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/brute-force\/\" rel=\"noopener\">deneme yan\u0131lma<\/a> y\u00f6ntemini kullanabilir ve b\u00f6ylece Wi-Fi a\u011f\u0131na ba\u011flanabilir.<\/p>\n<p>Bu sald\u0131r\u0131, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/en.wikipedia.org\/wiki\/Wardriving\">wardriving<\/a> ad\u0131 verilen bir teknik kullan\u0131larak b\u00fcy\u00fck \u00f6l\u00e7ekte de ger\u00e7ekle\u015ftirilebilir. Burada sald\u0131rgan bir \u015fehirde dola\u015farak ula\u015fabildi\u011fi t\u00fcm kablosuz a\u011flar\u0131 tarar ve y\u00f6nlendiriciler taraf\u0131ndan yay\u0131nlanan \u015fifrelenmi\u015f parolalar\u0131 ele ge\u00e7irir. Bunun i\u00e7in \u00e7ok fazla ekipman gerekmez, sadece bir diz\u00fcst\u00fc bilgisayar, uzun menzilli bir Wi-Fi adapt\u00f6r\u00fc ve g\u00fc\u00e7l\u00fc bir anten yeterlidir.<\/p>\n<p>Ele ge\u00e7irilen \u015fifrelenmi\u015f parolalar hareket halindeyken k\u0131r\u0131labilir. Ancak bir sald\u0131rgan eve gelene kadar beklemeyi ve toplad\u0131\u011f\u0131 t\u00fcm parolalar\u0131 y\u00fcksek performansl\u0131 bir bilgisayar\u0131ndaki bir parola k\u0131rma arac\u0131na girmeyi tercih edebilir (veya bunun i\u00e7in bulutta bilgi i\u015flem g\u00fcc\u00fc kiralayabilir). Bu sald\u0131r\u0131n\u0131n etkinli\u011fi k\u0131sa s\u00fcre \u00f6nce Hanoi\u2019de <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/e.vnexpress.net\/news\/news\/thousands-of-wi-fi-passwords-collectible-using-homemade-device-4716364.html\">kendini g\u00f6sterdi<\/a>: Vietnaml\u0131 bir bilgisayar korsan\u0131 yakla\u015f\u0131k 10.000 kablosuz a\u011f\u0131 tarad\u0131 ve bunlar\u0131n yar\u0131s\u0131n\u0131n \u015fifrelerini \u00e7\u00f6zmeyi ba\u015fard\u0131.<\/p>\n<div id=\"attachment_12173\" style=\"width: 1370px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2024\/04\/01115711\/wi-fi-pmkid-attack-01.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-12173\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2024\/04\/01115711\/wi-fi-pmkid-attack-01.jpg\" alt=\"PMKID sald\u0131r\u0131s\u0131 kullanarak toplu Wi-Fi hackleme i\u00e7in gerekli ekipman\" width=\"1360\" height=\"816\" class=\"size-full wp-image-12173\"><\/a><p id=\"caption-attachment-12173\" class=\"wp-caption-text\">PMKID sald\u0131r\u0131s\u0131n\u0131 kullanarak 5000 kablosuz a\u011f\u0131 hacklemek i\u00e7in ihtiyac\u0131n\u0131z olan tek \u015fey bu. <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/e.vnexpress.net\/news\/news\/thousands-of-wi-fi-passwords-collectible-using-homemade-device-4716364.html\">Kaynak<\/a><\/p><\/div>\n<h2>PMKID sald\u0131r\u0131s\u0131 kullanarak Wi-Fi hacklemek nas\u0131l m\u00fcmk\u00fcn olabilir?<\/h2>\n<p>Peki kablosuz y\u00f6nlendiriciler neden \u015fifreli de olsa Wi-Fi \u015fifrelerini her zaman yay\u0131nl\u0131yorlar? Bu, \u00e7o\u011fu y\u00f6nlendiricide uygulanan ve genellikle varsay\u0131lan olarak etkinle\u015ftirilen <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/en.wikipedia.org\/wiki\/IEEE_802.11r-2008\">802.11r standard\u0131n\u0131n<\/a> temel bir i\u015flevidir. Bu standart, birden fazla eri\u015fim noktas\u0131 kullanan Wi-Fi a\u011flar\u0131nda h\u0131zl\u0131 dola\u015f\u0131m sa\u011flar. \u0130stemci cihaz\u0131n yeni eri\u015fim noktalar\u0131na yeniden ba\u011flanmas\u0131n\u0131 h\u0131zland\u0131rmak i\u00e7in s\u00fcrekli olarak tan\u0131mlay\u0131c\u0131 yani ayn\u0131 PMKID yay\u0131nlan\u0131r.<\/p>\n<p>Bu tan\u0131mlay\u0131c\u0131, E\u015fle\u015ftirilmi\u015f Ana Anahtar\u0131n (PMK) bir t\u00fcrevidir. Daha do\u011frusu, kaynak verileri PMK anahtar\u0131n\u0131 ve baz\u0131 ek verileri i\u00e7eren bir SHA-1 karma i\u015flevi hesaplamas\u0131n\u0131n sonucunu i\u00e7erir. PMK anahtar\u0131n\u0131n kendisi de Wi-Fi \u015fifresinin SHA-1 hash fonksiyonu hesaplamas\u0131n\u0131n sonucudur.<\/p>\n<p>Ba\u015fka bir deyi\u015fle, PMKID iki kez karma hale getirilmi\u015f kablosuz a\u011f parolas\u0131n\u0131 i\u00e7erir. Teorik olarak, hashing i\u015flemi geri d\u00f6nd\u00fcr\u00fclemez, yani elde edilen hashlenmi\u015f de\u011ferden orijinal veriyi kurtarmak imkans\u0131zd\u0131r. Muhtemelen 802.11r standard\u0131n\u0131n yarat\u0131c\u0131lar\u0131 PMKID tabanl\u0131 h\u0131zl\u0131 dola\u015f\u0131m mekanizmas\u0131n\u0131 tasarlarken buna g\u00fcvenmi\u015flerdir.<\/p>\n<p>Ancak, karma veriler kaba kuvvetle zorlanabilir. \u0130nsanlar\u0131n kablosuz a\u011flar i\u00e7in nadiren \u00f6zellikle g\u00fc\u00e7l\u00fc parolalar kullanmas\u0131, bunun yerine genellikle olduk\u00e7a \u00f6ng\u00f6r\u00fclebilir karakter kombinasyonlar\u0131na g\u00fcvenmesi bu durumu \u00f6zellikle kolayla\u015ft\u0131rmaktad\u0131r. 802.11r\u2019nin yarat\u0131c\u0131lar\u0131 belli ki bunu dikkate almam\u0131\u015flar.<\/p>\n<p>Bu sorun birka\u00e7 y\u0131l \u00f6nce, en pop\u00fcler parola kurtarma, yani asl\u0131nda parola k\u0131rma ara\u00e7lar\u0131ndan biri olan Hashcat\u2019in arkas\u0131ndaki ekip taraf\u0131ndan <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/hashcat.net\/forum\/thread-7717.html\">ke\u015ffedildi<\/a>. O zamandan beri, \u00f6zellikle ele ge\u00e7irilen PMKID\u2019leri k\u0131rmak i\u00e7in \u00f6zel ara\u00e7lar geli\u015ftirildi.<\/p>\n<div id=\"attachment_12174\" style=\"width: 1454px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2024\/04\/01115743\/wi-fi-pmkid-attack-02.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-12174\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2024\/04\/01115743\/wi-fi-pmkid-attack-02.png\" alt=\"Ele ge\u00e7irilen bir PMKID'den Wi-Fi parolas\u0131 hackleme \" width=\"1444\" height=\"1482\" class=\"size-full wp-image-12174\"><\/a><p id=\"caption-attachment-12174\" class=\"wp-caption-text\">Bir kablosuz a\u011f\u0131n ele ge\u00e7irilen PMKID\u2019sinden \u201chashcat!\u201d parolas\u0131n\u0131n ba\u015far\u0131yla \u00e7\u0131kar\u0131lmas\u0131. <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/hashcat.net\/forum\/thread-7717.html\">Kaynak<\/a><\/p><\/div>\n<p>Bu nedenle, pratikte sald\u0131rgan genellikle \u015fifrelenmi\u015f parolay\u0131 i\u00e7eren PMKID\u2019yi ele ge\u00e7irir ve ard\u0131ndan bir <a target=\"_blank\" href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/dictionary-attack\/\" rel=\"noopener\">s\u00f6zl\u00fck sald\u0131r\u0131s\u0131<\/a> kullan\u0131r \u2013 yani, bir veritaban\u0131nda toplanan en yayg\u0131n parolalarla deneme yan\u0131lma yapar.<\/p>\n<h2>Kablosuz a\u011f\u0131n\u0131z\u0131 PMKID sald\u0131r\u0131s\u0131ndan nas\u0131l korursunuz?<\/h2>\n<p>Kablosuz a\u011f\u0131n\u0131zda ya\u0131labilecek bir PMKID sald\u0131r\u0131s\u0131n\u0131 \u00f6nlemek i\u00e7in ne yapabilirsiniz? Neyse ki, uygulanmas\u0131 \u00e7ok da zor olmayan birka\u00e7 koruyucu \u00f6nlem vard\u0131r:<\/p>\n<ul>\n<li><strong>Kablosuz a\u011f\u0131n\u0131z i\u00e7in olabildi\u011fince uzun ve karma\u015f\u0131k bir parola olu\u015fturun.<\/strong> Bir PMKID sald\u0131rgan\u0131 Wi-Fi\u2019\u0131n\u0131zdan karma parolay\u0131 ele ge\u00e7irdi\u011finde, yine de daha sonra \u015fifresini \u00e7\u00f6zmesi gerekir, ancak parola ne kadar karma\u015f\u0131ksa sald\u0131rganlar\u0131n ba\u015far\u0131l\u0131 olma olas\u0131l\u0131\u011f\u0131 o kadar d\u00fc\u015f\u00fckt\u00fcr. Bu nedenle, bu sald\u0131r\u0131ya kar\u015f\u0131 korunmak i\u00e7in kablosuz a\u011f\u0131n\u0131z i\u00e7in m\u00fcmk\u00fcn olan en uzun ve en tahmin edilemez parolay\u0131 olu\u015fturun.<\/li>\n<li><strong>Y\u00f6nlendirici ayarlar\u0131nda PMKID iletimini devre d\u0131\u015f\u0131 b\u0131rak\u0131n.<\/strong> Ne yaz\u0131k ki, t\u00fcm y\u00f6nlendiriciler buna izin vermez, ancak sizinkinin bu ayara sahip olup olmad\u0131\u011f\u0131n\u0131 kontrol etmeye de\u011fer. PMKID veya 802.11r aramas\u0131 yaparak bulabilirsiniz.<\/li>\n<li><strong>WPA3\u2019e ge\u00e7in.<\/strong> T\u00fcm cihazlar\u0131n\u0131z bu yeni Wi-Fi g\u00fcvenlik standard\u0131n\u0131 destekliyorsa, bu standarda ge\u00e7meyi d\u00fc\u015f\u00fcnebilirsiniz: WPA3 genellikle WPA2\u2019den \u00e7ok daha g\u00fcvenlidir ve daha da \u00f6nemlisi PMKID sald\u0131r\u0131s\u0131na kar\u015f\u0131 savunmas\u0131z de\u011fildir.<\/li>\n<li><strong>Bir misafir a\u011f\u0131 kurun.<\/strong> Yeni cihazlarda ana a\u011f i\u00e7in s\u0131k s\u0131k g\u00fc\u00e7l\u00fc bir parola girmek zorunda kalmak s\u0131k\u0131c\u0131 olabilir, bu nedenle daha basit bir parolaya sahip bir <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com.tr\/blog\/guest-wifi\/5294\/\" rel=\"noopener\">misafir a\u011f\u0131 kurun<\/a>. Bu arada, IoT cihazlar\u0131 gibi potansiyel olarak g\u00fcvenli olmayan \u015feyleri misafir a\u011f\u0131na aktarmak da <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com\/blog\/how-to-secure-smart-home\/47472\/\" rel=\"noopener nofollow\">iyi bir fikirdir<\/a>.<\/li>\n<li><a href=\"https:\/\/www.kaspersky.com.tr\/plus?icid=tr_bb2023-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kplus___\" target=\"_blank\" rel=\"noopener\">Kaspersky Plus<\/a> ve <a href=\"https:\/\/www.kaspersky.com.tr\/premium?icid=tr_bb2023-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">Kaspersky Premium<\/a><strong> aboneliklerimizde bulunan<\/strong><a target=\"_blank\" href=\"https:\/\/support.kaspersky.ru\/help\/Kaspersky\/Win21.7\/en-US\/138204.htm\" rel=\"noopener nofollow\"><strong> \u201cA\u011f\u0131mdaki Cihazlar\u201d<\/strong><\/a><strong> \u00f6zelli\u011fini kullan\u0131n<\/strong>. Bu \u00f6zellik a\u011f\u0131n\u0131zdaki cihazlar\u0131n bir listesini g\u00f6sterir ve yeni bir cihaz ba\u011fland\u0131\u011f\u0131nda sizi uyar\u0131r.<\/li>\n<\/ul>\n<p>Birinin kablosuz a\u011f\u0131n\u0131z\u0131 hacklemeyi ba\u015farmas\u0131 durumunda iletilen verilerin daha fazla korunmas\u0131 i\u00e7in, internet ba\u011flant\u0131s\u0131n\u0131 g\u00fcvence alt\u0131na almak \u00fczere t\u00fcm cihazlar\u0131n\u0131zda bir VPN kullan\u0131n; \u00f6rne\u011fin, <a href=\"https:\/\/www.kaspersky.com.tr\/plus?icid=tr_bb2023-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kplus___\" target=\"_blank\" rel=\"noopener\">Kaspersky Plus<\/a> ve <a href=\"https:\/\/www.kaspersky.com.tr\/premium?icid=tr_bb2023-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">Kaspersky Premium<\/a> aboneliklere de d\u00e2hil olan <a href=\"https:\/\/www.kaspersky.com.tr\/vpn-secure-connection?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____vpn___\" target=\"_blank\" rel=\"noopener\">Kaspersky Secure Connection<\/a>\u2018\u0131m\u0131z.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-geek\">\n","protected":false},"excerpt":{"rendered":"<p>WPA2 korumal\u0131 bir kablosuz a\u011f\u0131 hacklemenin en kolay yolu nedir? PMKID sald\u0131r\u0131s\u0131n\u0131 kullanma. \u0130\u015fte nas\u0131l \u00e7al\u0131\u015ft\u0131\u011f\u0131 ve kendinizi korumak i\u00e7in neler yapabilece\u011finiz.<\/p>\n","protected":false},"author":2726,"featured_media":12172,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[994,1284,1351],"tags":[500,744,545,1046,2723,1525,1109,561,537,762,174,1929],"class_list":{"0":"post-12171","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-privacy","8":"category-tips","9":"category-threats","10":"tag-gizlilik","11":"tag-guvenlik","12":"tag-hack","13":"tag-kaspersky-secure-connection","14":"tag-misafir-wi-fi","15":"tag-parolalar","16":"tag-saldirilar","17":"tag-sifreler","18":"tag-tehditler","19":"tag-vpn","20":"tag-wi-fi","21":"tag-yonlendiriciler"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/wi-fi-pmkid-attack\/12171\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/wi-fi-pmkid-attack\/27186\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/wi-fi-pmkid-attack\/22494\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/wi-fi-pmkid-attack\/11521\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/wi-fi-pmkid-attack\/29862\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/wi-fi-pmkid-attack\/27361\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/wi-fi-pmkid-attack\/27125\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/wi-fi-pmkid-attack\/29808\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/wi-fi-pmkid-attack\/28623\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/wi-fi-pmkid-attack\/37126\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/wi-fi-pmkid-attack\/50790\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/wi-fi-pmkid-attack\/21638\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/wi-fi-pmkid-attack\/22351\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/wi-fi-pmkid-attack\/31038\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/wi-fi-pmkid-attack\/27548\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/wi-fi-pmkid-attack\/33368\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/wi-fi-pmkid-attack\/32994\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/wi-fi\/","name":"wi-fi"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/12171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2726"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=12171"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/12171\/revisions"}],"predecessor-version":[{"id":12178,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/12171\/revisions\/12178"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/12172"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=12171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=12171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=12171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}