PENGUKURAN EFEKTIVITAS SERANGAN SQL INJECTION PADA WEBSITE DENGAN MENGGUNAKAN TOOLS JSQL, HAVIJ, DAN THE MOLE
DOI:
https://doi.org/10.55606/jitek.v3i1.905Keywords:
Database, Keamanan, Serangan, SQL Injection, KerentananAbstract
Along with current technological developments, security for data information residing on websites is very vulnerable to crimes in the internet world such as attacks on security holes in the database layer or often known as SQL Injection. SQL Injection attack is a method to insert SQL commands as input through an application, namely Kali Linux, in order to gain access to the database. This attack can find out usernames, passwords, and other data that is in the database. So that the SQL Injection attack is one of the most popular attacks and is often used to take advantage of security holes in the system because of how easy it is to use it. This study aims to test the level of effectiveness of SQL Injection attacks using the tools in it against a website. Testing the effectiveness is done by doing a comparison between the three tools that are in SQL Injection. The results of the research on the effectiveness of the tools in SQL Injection are the accuracy of database search times and the accuracy of information from the database.
References
RAMADHANI, Aditya. Keamanan Informasi. Nusantara Journal of Information and Library Studies (N-JILS), 2018, 1.1: 39-51. [Accessed Nov. 11, 2022].
METKONO, Akhis Mistus. PERANCANGAN SISTEM PENGARSIPAN SURAT MENYURAT GEREJA GMIT EFATA SOE BERBASIS WEB MENGGUNAKAN FRAMEWORK CODEIGNITER. JIKO (Jurnal Informatika dan Komputer), 2022, 5.1: 69-77. [Accessed Nov. 11, 2022]
INDRIANI, Yuni Wardatul. ANALISA KEAMANAN WEB SERVER TERHADAP SERANGAN POSSIBILITY SQL INJECTION Studi Kasus: Web Server UMK (Yuni Wardatul Indriani). 2020. [Accessed Nov. 11, 2022].
ARMAN, Molavi; RACHMAT, Nur. Implementasi Sistem Keamanan Web Server Menggunakan Pfsense. Jusikom: Jurnal Sistem Komputer Musirawas, 2020, 5.1: 13-23. [Accessed Nov. 29, 2022].
Riadi, I., Umar, R. and Sukarno, W., 2016. Analisis Forensik Serangan Sql Injection Menggunakan Metode Statis Forensik. In Pros. Interdiscip. Postgrad. Student Conf. 1st (Vol. 1, pp. 102-103). [Accessed Nov. 29, 2022].
PRATAMA, Tino Imam Maulana, et al. Analisis Serangan dan Keamanan pada SQL Injection: Sebuah Review Sistematik. JIIFKOM (Jurnal Ilmiah Informatika dan Komputer), 2022, 1.2: 27-32. [Accessed Nov. 29, 2022].
Baklizi, M., Atoum, I., Abdullah, N., Al-Wesabi, O. A., Otoom, A. A., & Hasan, M. A. S. (2022). A Technical Review of SQL Injection Tools and Methods: A Case Study of SQLMap. International Journal of Intelligent Systems and Applications in Engineering, 10(3), 75-85. [Accessed Nov. 29, 2022].
Mishra, A. K., & Kumar, A. (2020, July). Performance-based Comparative Analysis of Open Source Vulnerability Testing Tools for Web Database Applications. In 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT) (pp. 1-5). IEEE. [Accessed Nov. 29, 2022].
Hermawan, Rudi. "Teknik Uji Penetrasi Web Server Menggunakan SQL Injection dengan SQLmap di Kalilinux." STRING (Satuan Tulisan Riset dan Inovasi Teknologi) 6, no. 2 (2021): 210-216. [Accessed Nov. 29, 2022].
Andria, Andria. "Website Security Gap Analysis Using WEBPWN3R Tools at Kali Linux." Generation Journal 4, no. 2 (2020): 69-76. [Accessed Nov. 29, 2022].
