Website Penetration Testing With SQL Injection Technique Using SQLMAP on Termux

##plugins.themes.academic_pro.article.main##

Gilang Ryan Fernandes
Ika Mei Lina

Abstract

Websites make it easier for us to find information or do our daily work. Almost all companies have websites, be it company profiles or application websites. With the development of technology, some programmers forget about website security. Websites with security weaknesses can be easily hacked, such as changing appearance to taking essential data. One thing to watch out for is external factors in the form of attacks carried out by hackers using the SQL Injection technique. This technique can find and take all databases stored on the website server. The purpose of this study is so that programmers and companies, in general, can be more careful with this attack so as not to experience losses from both the company and the consumer side. The results obtained in this study show that SQL injection attacks can cause significant losses because they can modify and take over the database on the attacked website. This tool also runs automatically so that laypeople without an understanding of hacking can carry out this attack. Thus, programmers can secure their websites using techniques to secure SQL Injection attacks.

##plugins.themes.academic_pro.article.details##

How to Cite
Gilang Ryan Fernandes, & Ika Mei Lina. (2024). Website Penetration Testing With SQL Injection Technique Using SQLMAP on Termux. Jurnal E-Komtek (Elektro-Komputer-Teknik), 8(2), 286-293. https://doi.org/10.37339/e-komtek.v8i2.2074

References

[1] R. Al Ihsan and B. A. Sekti, “Pentingnya Keamanan Data Dalam Era Digital : Refleksi Terhadap Serangan Hacker Pada Pusat Data Nasional Indonesia,” pp. 2–6, 2023.
[2] W. Wahyudin, H. Kuswara, R. Resti, and S. Dalis, “Metode Vulnerability Assesment Dalam Pengujian Kinerja Sistem Keamanan Website Points of Sales,” Comput. Sci., vol. 4, no. 1, pp. 44–52, 2024, doi: 10.31294/coscience.v4i1.2978.
[3] N. Bhateja, S. Sikka, and A. Malhotra, “A Review of SQL Injection Attack and Various Detection Approaches,” Smart Sustain. Intell. Syst., no. November 2017, pp. 481–489, 2021, doi: 10.1002/9781119752134.ch34.
[4] Fatul Faatihah et al., “Analisis dan Evaluasi Terkait Keamanan pada Web Server,” J. Ilm. Sains dan Teknol., vol. 2, no. 7, pp. 73–77, 2024.
[5] A. Riyanti, B. M. Rahmanto, D. R. Hardianto, R. D. A. Yuristiawan, and A. Setiawan, “Uji Penetrasi Injeksi SQL terhadap Celah Keamanan Database Website menggunakan SQLmap,” J. Internet Softw. Eng., vol. 1, no. 4, p. 9, 2024, doi: 10.47134/pjise.v1i4.2623.
[6] Y. Z. Surentu, D. M. D. Warouw, and M. Rembang, “Pentingnya Website Sebagai Media Informasi Destinasi Wisata Di Dinas Kebudayaan Dan Pariwisata Kabupaten Minahasa,” Acta Diurna Komun., vol. 2, no. 4, pp. 1–17, 2020, [Online]. Available: https://ejournal.unsrat.ac.id/index.php/actadiurnakomunikasi/article/view/31117/29843
[7] A. A. A. Ushud, I. Novita, and N. Juliasari, “Pelatihan Pemanfaatan CMS Untuk Pembuatan Website Bagi OrangTua Siswa Sekolah Alam Tangerang,” JAM-TEKNO (Jurnal Pengabdi. Kpd. Masy. TEKNO), vol. 2, no. 1, pp. 20–25, 2021.
[8] Andria and I. Mubarok, “Pengujian Keamanan Basis Data Sistem Informasi Berbasis Web,” Semin. Nas. Apl. Sains Teknol., no. Prosiding SNAST 2021, pp. 66–74, 2021, [Online]. Available: https://ejournal.akprind.ac.id/index.php/snast/article/view/3392/2459
[9] B. Damele A. G. and M. Stampar, “sqlmap: automatic SQL injection and database takeover tool.” https://sqlmap.org/ (accessed Nov. 01, 2024).
[10] Z. A. Anwari, I. G. P. Wedana, J. Deva, K. D. D. Widyaputra, G. A. J. Saskara, and I. M. E. Listartha, “Analisis Kerentanan Pada Suatu Website Menggunakan Tools Xspear, Xsscon, Dan Pwnxss,” J. Inform. Teknol. dan Sains, vol. 4, no. 4, pp. 406–412, 2022, doi: 10.51401/jinteks.v4i4.2104.