Web Application Security Testing Against SQL Injection Attacks Using SQL Map


Teguh Rizki Saputra
Hafiq Wardana
Alfian Nur Fariq
Rico Cahyono
Susanto

Abstract

Web application security is a major concern due to the increasing threat of cyberattacks, especially SQL injection attacks, which threaten the integrity, confidentiality, and availability of data. This study aims to measure the vulnerability of web applications to SQL injection attacks using penetration testing methods. The testing is carried out with the SQLMAP tool, which can detect and exploit vulnerabilities through the boolean-based blind SQL injection technique and the error-based injection technique. In addition, this study implements and tests a protection measure: input filtering based on the addslashes() function in PHP. The test results show that SQLMAP is widely used because protection against this vulnerability can provide a robust solution on how to protect web applications. That way, web applications are expected to be safe from attacks that damage existing data and systems.


How to Cite
Teguh Rizki Saputra, Wardana, H., Alfian Nur Fariq, Rico Cahyono, & Susanto. (2026). Web Application Security Testing Against SQL Injection Attacks Using SQL Map. Jurnal E-Komtek (Elektro-Komputer-Teknik), 9(2), 434-439. https://doi.org/10.37339/e-komtek.v9i2.2260
