Teknik Uji Penetrasi Web Server Menggunakan SQL Injection dengan SQLmap di Kalilinux

Hermawan, Rudi

doi:10.30998/string.v6i2.11477

Cited by 7 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This cybercrime threat can occur because of inputs that are not properly filtered in its manufacture, so it creates a loophole that can be abused [8], an example of which can be seen in In the absence of a filter on the website url, most likely, the website is vulnerable to SQL injection [9]. For example can be seen in Figure 1, the address www.example/id.php?=1, behind the url address, there is a GET method, meaning that the url is requesting access to the database with the syntax, "Select * from example where id =1, here the database returns a value, to display all tables with id = 1, therefore, if the attacker knows the structure of the website's database, then the attacker can retrieve all existing data in the database of the attacked website [10]. Every year the attack with the highest percentage is SQL injection [11], which can be seen in Fig.…”

Section: Sql Injectionmentioning

confidence: 99%

Vulnerability Detection With K-Nearest Neighbor and Naïve Bayes Method using Machine Learning

Herman,

Riadi,

Kurniawan

2023

Int. J. Artif. Intell. Res

View full text Add to dashboard Cite

In this day and age, the use of the Internet has increased. SQL injection is a serious security threat on the Internet for various dynamic websites. As the use of the Internet for various online services increases, so make the security threats that exist on the Web. SQL injection attacks are one of the most serious security vulnerabilities on the Web. Most of these vulnerabilities are caused by a lack of input validation and the use of SQL parameters. SQLMap is an application from the Kali Linux operating system that is useful for injecting data on a website by using the features available in this application. In this paper, author conducts a security assessment to detect attacks on a website, more precisely to detect SQL Injection attacks, using the K-Nearest Neighbor method and naïve bayes. The results obtained are that the website being tested has SQL Injection vulnerabilities, and the K-Nearest Neighbor method is the best method for this case because it has an accuracy of 94.2%. In comparison, the Naïve Bayes method has an accuracy of 80%.

show abstract

Section: Sql Injectionmentioning

confidence: 99%

Vulnerability Detection With K-Nearest Neighbor and Naïve Bayes Method using Machine Learning

Herman,

Riadi,

Kurniawan

2023

Int. J. Artif. Intell. Res

View full text Add to dashboard Cite

show abstract

“…Assailants alter SQL Injection to get data and the information base server, permitting them to enter the framework without a record. Accordingly, aggressors can control information inside the data set [17]. The security vulnerability is exposed when an attacker inputs string values and other control characters into SQL statements by modifying the SQL commands stored in the client application's memory.…”

Section: J Sql Injectionmentioning

confidence: 99%

Network Attack Detection Using Intrusion Detection System Utilizing Snort Based on Telegram

Dharma,

Rino

2023

bit-Tech

View full text Add to dashboard Cite

The constantly evolving of information technology landscape has made information security something of paramount importance, yet the development of information technology is not met with a corresponding advancement in its security systems. As a result, in the current era, there is a multitude of cybercrimes in the realm of the internet. Therefore, this research aims to create a computer network attack detector using the Linux operating system by leveraging the Telegram-based Snort application and employing the Intrusion Detection System (IDS) method through an IDS-based application, namely Snort. Additionally, this study incorporates features for blocking IP addresses and changing the Linux server password through the Telegram application for initial response when an attack is detected, accomplished by sending specific commands within the Telegram application. Furthermore, this paper also introduce a feature for categorizing the risk of computer network attacks into three categories: Low, Medium, and High within the Telegram application. The results of this research demonstrate that Snort can detect predefined rules and send alerts to the Telegram application for every attack occurring within the Wireless Local Area Network (WLAN). Successful IP address blocking is achieved through Telegram integration with the Iptables application, and changing the Linux server password is also accomplished through Telegram by integrating the bash shell programming language found in the Terminal of the Linux operating system. Finally, the risk of attacks can be viewed within the Telegram application.

show abstract

“…The Mole (Aprilia Monica Sari) menjadi perangkat yang baik untuk pemula yang sedang belajar dalam melakukan penetrasi pada sistem, jaringan, dan aplikasi [9], karena di dalam kali linux terdapat lebih dari 300 tools dengan fungsinya masingmasing yang dapat dimanfaatkan untuk melakukan pengujian keamanan pada suatu sistem [10].…”

Section: Pengukuran Efektivitas Sql Injection Pada Website Dengan Men...unclassified

Pengukuran Efektivitas Serangan SQL Injection Pada Website Dengan Menggunakan Tools Jsql, Havij, Dan the Mole

Aprilia Monica Sari,

Trihana Santhi,

Dewa Ketut Alit Maha Putra

et al. 2023

JITEK

View full text Add to dashboard Cite

Along with current technological developments, security for data information residing on websites is very vulnerable to crimes in the internet world such as attacks on security holes in the database layer or often known as SQL Injection. SQL Injection attack is a method to insert SQL commands as input through an application, namely Kali Linux, in order to gain access to the database. This attack can find out usernames, passwords, and other data that is in the database. So that the SQL Injection attack is one of the most popular attacks and is often used to take advantage of security holes in the system because of how easy it is to use it. This study aims to test the level of effectiveness of SQL Injection attacks using the tools in it against a website. Testing the effectiveness is done by doing a comparison between the three tools that are in SQL Injection. The results of the research on the effectiveness of the tools in SQL Injection are the accuracy of database search times and the accuracy of information from the database.

show abstract

Teknik Uji Penetrasi Web Server Menggunakan SQL Injection dengan SQLmap di Kalilinux

Cited by 7 publications

References 0 publications

Vulnerability Detection With K-Nearest Neighbor and Naïve Bayes Method using Machine Learning

Vulnerability Detection With K-Nearest Neighbor and Naïve Bayes Method using Machine Learning

Network Attack Detection Using Intrusion Detection System Utilizing Snort Based on Telegram

Pengukuran Efektivitas Serangan SQL Injection Pada Website Dengan Menggunakan Tools Jsql, Havij, Dan the Mole

Contact Info

Product

Resources

About