ANALYSIS OF SQL INJECTION ATTACKS USING SQLMAP
DOI:
https://doi.org/10.31961/positif.v4i2.610
Keywords:
SQLMAP, SQL Injection, Website Attack, Kali Linux
Abstract
SQL injection is a serious security threat to dynamic websites on the Internet. As the use of online services increases, so do the security threats on the web. SQL injection is one of the most serious security vulnerabilities on the Web; most of these vulnerabilities are caused by a lack of input validation and of SQL parameter use. SQLMap is an application included in the Kali Linux operating system that injects into the data held by a website using the application's built-in features. In this paper, we present an example attack case using SQLMAP, from the injection process and how the application works through to the point where sensitive data can be obtained from the injected website without the victim knowing.
License
Authors who publish with Positif : Jurnal Sistem dan Teknologi Informasi agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
This work is licensed under a Creative Commons Attribution 4.0 International License.