ANALISA SERANGAN SQL INJEKSI MENGGUNAKAN SQLMAP

Article Sidebar

pdf (Bahasa Indonesia)
Published Nov 30, 2018
DOI: https://doi.org/10.31961/positif.v4i2.610

Main Article Content

Sudiharyanto Lika
Universitas Universal
Roy Dwi Putra Halim
Universitas Universal Teknik Perangkat Lunak
Ihsan Verdian
Universitas Universal Teknik Informatika

Abstract

In today's world, SQL injection is a serious security threat on the Internet for various dynamic web sites on the internet. Because internet usage for various online services is increasing, so are the security threats that exist on the web are increasing. SQL injection attack is one of the most serious security vulnerabilities on the Web, most of these vulnerabilities are caused by a lack of input validation and use of SQL parameters. SQLMap is an application of the Kali Linux operating system where this application is useful for injecting data contained in a web using the features available in this application. In this paper, we have presented an example of an attack case using SQLMAP, starting from the injection process and how the application works until the process where we can get sensitive data from a web that has been injected without the victim knowing.

Downloads

Download data is not yet available.

Article Details

How to Cite
LIKA, Sudiharyanto; HALIM, Roy Dwi Putra; VERDIAN, Ihsan. ANALISA SERANGAN SQL INJEKSI MENGGUNAKAN SQLMAP. POSITIF : Jurnal Sistem dan Teknologi Informasi, [S.l.], v. 4, n. 2, p. 88-94, nov. 2018. ISSN 2460-9552. Available at: <https://ejurnal.poliban.ac.id/index.php/Positif/article/view/610>. Date accessed: 22 jan. 2021. doi: https://doi.org/10.31961/positif.v4i2.610.
ABNT APA BibTeX CBE EndNote - EndNote format (Macintosh & Windows) MLA ProCite - RIS format (Macintosh & Windows) RefWorks Reference Manager - RIS format (Windows only) Turabian
Issue
Vol 4 No 2 (2018): POSITIF : Jurnal Sistem dan Teknologi Informasi
Section
Articles
  1. Hak publikasi atas semua materi naskah jurnal yang diterbitkan/dipublikasikan dalam situs e-Jurnal POSITIF ini dipegang oleh dewan redaksi dengan sepengetahuan penulis (hak moral tetap milik penulis naskah).
  2. Ketentuan legal formal untuk akses artikel digital jurnal elektronik ini tunduk pada ketentuan lisensi Creative Commons Attribution-ShareAlike (CC BY-SA), yang berarti Jurnal POSITIF berhak menyimpan, mengalih media/format-kan, mengelola dalam bentuk pangkalan data (database), merawat, dan mempublikasikan artikel tanpa meminta izin dari Penulis selama tetap mencantumkan nama Penulis sebagai pemilik Hak Cipta.
  3. Naskah yang diterbitkan/dipublikasikan secara cetak dan elektronik bersifat open access untuk tujuan pendidikan, penelitian, dan perpustakaan. Selain tujuan tersebut, dewan redaksi tidak bertanggung jawab atas pelanggaran terhadap hukum hak cipta.

References

L. K. Shar and H. B. K. Tan, “Defeating SQL injection,” Computer (Long. Beach. Calif)., vol. 46, no. 3, pp. 69–77, 2013.

P. Singh, K. Thevar, P. Shetty, and B. Shaikh, “Detection of SQL Injection and XSS Vulnerability in Web Application,” no. 3, pp. 16–21, 2015.

W. G. J. Halfond and A. Orso, “Detection and Prevention of SQL Injection Attacks,” Malware Detect., vol. 13, no. 8, pp. 85–109, 2013.

R. P. Mahapatra, “A Survey Of Sql Injection Countermeasures,” Int. J. Comput. Sci. Eng. Surv., vol. 3, no. 3, pp. 55–74, 2012.

R. M. Pandurang and D. C. Karia, “A mappingbased podel for preventing Cross site scripting and SQL injection attacks on web application and its impact analysis,” Proc. 2015 1st Int. Conf. Next Gener. Comput. Technol. NGCT 2015, no. September, pp. 414–418, 2016.

S. Charania and V. Vyas, “SQL Injection Attack :Detection and Prevention,” Int. Res. J. Eng. Technol., pp. 2395–56, 2016.

S. Mirdula and D. Manivannan, “Security vulnerabilities in web application - An attack perspective,” Int. J. Eng. Technol., vol. 5, no. 2, pp. 1806–1811, 2013.

M. Kaushik and G. Ojha, “Attack Penetration System for SQL Injection,” Int. J. Adv. Comput. Res., vol. 4, no. 2, pp. 724–732, 2014.

A. Sadeghian, M. Zamani, and A. A. Manaf, “A taxonomy of SQL injection detection and prevention techniques,” Proc. - 2013 Int. Conf. Informatics Creat. Multimedia, ICICM 2013, pp. 53–56, 2013.

A. John, “SQL Injection Prevention by Adaptive Algorithm,” IOSR J. Comput. Eng., vol. 17, no. 1, pp. 19–24, 2015.

B. S. Samantha and M. V Phanindra, “AN OVERVIEW ON THE UTILIZATION OF KALI LINUX TOOLS Professor Department of Information Technology , CBIT , Hyderabad , India,” vol. 5, no. 2, pp. 104–113, 2018.

R. M. Davison, M. G. Martinsons, and N. Kock, “Principles of canonical action research,” Inf. Syst. J., 2004.