{"id":5811,"date":"2025-06-23T13:05:37","date_gmt":"2025-06-23T09:05:37","guid":{"rendered":"https:\/\/jsnet.biz\/?p=5811"},"modified":"2025-07-07T17:02:31","modified_gmt":"2025-07-07T13:02:31","slug":"keytrap-n%c9%99dir","status":"publish","type":"post","link":"https:\/\/jsnet.biz\/ru\/keytrap-n%c9%99dir\/","title":{"rendered":"KeyTrap n\u0259dir?"},"content":{"rendered":"<h3 class=\"wp-block-heading\">\ud83d\udd10 <strong>KeyTrap n\u0259dir?<\/strong><\/h3>\n\n\n\n<p><strong>KeyTrap<\/strong> (tam ad\u0131 il\u0259 \u201cKeyboard Trap\u201d) \u2013 \u0259m\u0259liyyat systemmind\u0259ki klaviatura buferi v\u0259 giri\u015f Hadis\u0259l\u0259rinin emal systemmind\u0259ki z\u0259iflikd\u0259n qaynaqlanan bir istismard\u0131r (<em>\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442<\/em>). \u041d\u043e z\u0259iflikd\u0259n istifad\u0259 ed\u0259n h\u00fccum\u00e7u, z\u0259r\u0259rli v\u0259 ya qeyri-standart <strong>klaviatura Hadis\u0259l\u0259ri (\u0441\u043e\u0431\u044b\u0442\u0438\u0435 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b)<\/strong> \u044f\u0440\u0430\u0434\u0430\u0440\u0430\u043a <strong>\u0259m\u0259liyyat sistemini v\u0259 ya cihaz\u0131 kilidl\u0259y\u0259 v\u0259 ya iflic v\u0259ziyy\u0259tin\u0259 sala<\/strong> \u0431\u0438\u043b\u044d\u0440. \u018fsas\u0259n bu Tip h\u00fccumlar <strong>q\u0259sd\u0259n yarad\u0131lan qeyri-adi v\u0259 ya ard\u0131c\u0131l d\u00fcym\u0259 siqnallar\u0131<\/strong> il\u0259 h\u0259yata ke\u00e7irilir.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83c\udfaf <strong>Hans\u0131 systemml\u0259r\u0259 t\u0259sir edir?<\/strong><\/h3>\n\n\n\n<p>\u0421\u0438\u0441\u0442\u0435\u043c\u0430 KeyTrap \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Windows<\/strong>, <strong>Linux<\/strong>, \u0432\u044d <strong>macOS<\/strong> sisteml\u0259ri (x\u00fcsusil\u0259 a\u015fa\u011f\u0131 s\u0259viyy\u0259li klaviatura s\u00fcr\u00fcc\u00fcl\u0259rind\u0259)<\/li>\n\n\n\n<li>\u0130nteqrasiya olunmu\u015f <strong>BIOS\/UEFI sisteml\u0259ri<\/strong> (b\u0259zi hallarda)<\/li>\n\n\n\n<li>X\u00fcsusi t\u0259hl\u00fck\u0259: <strong>\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b<\/strong>, <strong>\u041a\u0412\u041c<\/strong>, \u0432\u044d <strong>\u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b<\/strong> \u00fcz\u0259rind\u0259n daxil olan istifad\u0259\u00e7il\u0259r\u0259<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">\u2699\ufe0f <strong>\u0130\u015f prinsipi nec\u0259dir?<\/strong><\/h3>\n\n\n\n<p>\u041f\u0440\u0438\u043d\u0446\u0438\u043f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f KeyTrap \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Z\u0259r\u0259rli proqram v\u0259 ya Cihaz (m\u0259s\u0259l\u0259n, USB klaviatura) t\u0259r\u0259find\u0259n qeyri-adi <strong>\u0432\u0432\u043e\u0434 \u0441 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b<\/strong> g\u00f6nd\u0259rilir (m\u0259s\u0259l\u0259n, \u00e7oxsayda) <code>\u0421\u0434\u0432\u0438\u0433<\/code>, <code>Ctrl<\/code> v\u0259 ya nadir Unicode simvolu).<\/li>\n\n\n\n<li>\u018fm\u0259liyyat sistemi bu Hadis\u0259ni d\u00fczg\u00fcn emal ed\u0259 bilmir v\u0259 <strong>resurslar\u0131n \u00e7ox istifad\u0259si<\/strong>, <strong>\u043f\u0435\u0442\u043b\u044f<\/strong> \u0432\u0259 \u044f <strong>donma v\u0259ziyy\u0259ti<\/strong> yaran\u0131r.<\/li>\n\n\n\n<li>Bu v\u0259ziyy\u0259td\u0259 sistem ya <strong>\u0442\u0430\u043c \u0434\u043e\u043d\u0443\u0440<\/strong>, \u044f \u0434\u0430 <strong>klaviatura giri\u015fl\u0259ri qeyri-i\u015fl\u0259k olur<\/strong>, b\u0259zi hallarda is\u0259 <strong>\u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c<\/strong> t\u0259l\u0259b olunur.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udee1\ufe0f <strong>T\u0259hl\u00fck\u0259sizlik Riski n\u0259dir?<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u041e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS)<\/strong> \u2013 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438\u043d \u043a\u0430\u0432\u0430\u0431 verm\u0259m\u0259sin\u0259 s\u0259b\u0259b olur<\/li>\n\n\n\n<li>\u018fg\u0259r z\u0259r\u0259rli kod sistem\u0259 d\u00fc\u015f\u00fcbs\u0259, <strong>\u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u044d\u0441\u043a\u0430\u043b\u0430\u0441\u0438\u044f<\/strong> \u0432\u0259 \u044f <strong>fiziki h\u00fccum<\/strong> ba\u015f ver\u0259 bil\u0259r<\/li>\n\n\n\n<li>\u0130stifad\u0259\u00e7inin sistemd\u0259n \u00e7\u0131x\u0131\u015f\u0131na v\u0259 ya idar\u0259sin\u0259 <strong>mane\u00e7ilik t\u00f6r\u0259d\u0259 bil\u0259r<\/strong><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83e\uddef <strong>Qar\u015f\u0131s\u0131n\u0131 alma yollar\u0131<\/strong><\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Sistem g\u00fcnc\u0259ll\u0259m\u0259l\u0259ri<\/strong> \u2013 \u018fm\u0259liyyat systeminizin v\u0259 drayverl\u0259rin \u0259n son t\u0259hl\u00fck\u0259sizlik yamaqlar\u0131 il\u0259 t\u0259min edilm\u0259si<\/li>\n\n\n\n<li><strong>USB cihaz n\u0259zar\u0259ti<\/strong> \u2013 \u041d\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u044d\u0442\u0438 \u043a\u043d\u043e\u043f\u043a\u0438 USB-\u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b \u0432 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0435.<\/li>\n\n\n\n<li><strong>Input filterl\u0259m\u0259<\/strong> \u2013 Klaviatura Hadis\u0259l\u0259rinin m\u0259nb\u0259yini v\u0259 d\u0259y\u0259rini yoxlayan t\u0259hl\u00fck\u0259sizlik proqramlar\u0131<\/li>\n\n\n\n<li><strong>\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f m\u00fchitl\u0259rind\u0259<\/strong> \u2013 Klaviatura y\u00f6nl\u0259ndirm\u0259si v\u0259 \u0433\u043e\u0441\u0442\u0435\u0432\u0430\u044f \u041e\u0421 izolasiya qaydalar\u0131n\u0131n t\u0259tbiqi<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udcda M\u0259lumat m\u0259nb\u0259l\u0259ri v\u0259 daha \u0259trafl\u0131 oxu:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a class=\"\" href=\"https:\/\/www.srlabs.de\" target=\"_blank\" rel=\"noopener\">\u041e\u0442\u0447\u0435\u0442 KeyTrap \u043e\u0442 \u043b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438<\/a><\/li>\n\n\n\n<li>CVE n\u00f6mr\u0259si: <strong>CVE-2023-KEYTRAP<\/strong> (h\u0259l\u0259 qeydiyyatdan ke\u00e7m\u0259y\u0259 bil\u0259r)<\/li>\n\n\n\n<li>\u041a\u043e\u0434 Github PoC \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 (m\u00f6vcud ola bil\u0259r, ehtiyatla bax\u0131lmal\u0131d\u0131r)<\/li>\n<\/ul>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>\ud83d\udd10 KeyTrap \u043e\u0442\u043a\u0440\u044b\u0442? KeyTrap (tam ad\u0131 il\u0259 \u201cKeyboard Trap\u201d) \u2013 \u0259m\u0259liyyat systemmind\u0259ki klaviatura buferi v\u0259 giri\u015f Hadis\u0259l\u0259rinin emal systemmind\u0259ki z\u0259iflikd\u0259n qaynaqlanan bir istismard\u0131r (\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442). Bu z\u0259iflikd\u0259n istifad\u0259 ed\u0259n h\u00fccum\u00e7u, z\u0259r\u0259rli v\u0259 ya qeyri-standart klaviatura Hadis\u0259l\u0259ri (\u0441\u043e\u0431\u044b\u0442\u0438\u0435 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b) yaradaraq \u0259m\u0259liyyat sistemini v\u0259 ya cihaz\u0131 kilidl\u0259y\u0259 v\u0259 ya iflic v\u0259ziyy\u0259tin\u0259 sala bil\u0259r. \u018fsas\u0259n bu Tip h\u00fccumlar q\u0259sd\u0259n [\u2026]<\/p>","protected":false},"author":1,"featured_media":5812,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[179,174,182,173],"class_list":["post-5811","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","tag-cybersecurity","tag-netadmin-2","tag-networking-2","tag-sysadm"],"_links":{"self":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/posts\/5811","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/comments?post=5811"}],"version-history":[{"count":0,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/posts\/5811\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/media\/5812"}],"wp:attachment":[{"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/media?parent=5811"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/categories?post=5811"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jsnet.biz\/ru\/wp-json\/wp\/v2\/tags?post=5811"}],"curies":[{"name":"WP","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}