SQLI (SQL Injection) and XSS are attack techniques frequently used by hackers. By inserting a script into a website, these techniques can reveal the contents of its database. They become a threat when a website has no defenses against such attacks. Hackers look for openings in login forms, search fields, upload forms, input forms and URLs with parameters ending in numbers, although not every website can be attacked this way; the exposure arises when the characters accepted as input are not restricted. This research was conducted to identify the gaps in a website that can be attacked with SQLI and XSS techniques and to help optimize website security against these attacks. Penetration testing was carried out on the car rental website of CV. Merdeka Auto Rental, located in Padang City, using SQLI and XSS techniques to find its security holes. The test found 12 gaps on the car rental website that are vulnerable to SQLI and XSS attacks. Based on these results, a PHP script function was written that removes all dangerous special characters. The script function is inserted in the PHP input, process and output files. It does not cover attacks other than SQLI and XSS, so the website remains vulnerable if hackers use other attack techniques. After the script was inserted in the website's source code, the 12 loopholes found in the earlier test, which was run without the script function, changed status to "not vuln", that is, not vulnerable to SQLI and XSS attacks.
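The abstract describes a PHP function that removes dangerous special characters; the paper's function is not reproduced on this page, so the following is an added example, not the authors' code. It goes beyond the abstract by running a character-stripping filter (hypothetical `strip_dangerous`) next to parameter binding and output encoding on constructed inputs; the `customers` table and all sample values are assumptions.

```php
<?php
// Added example: strip_dangerous() and the customers table are hypothetical.

// Character-stripping filter in the spirit of the abstract: removes characters
// commonly used to break out of SQL string literals or HTML markup.
function strip_dangerous(string $value): string
{
    $value = str_replace(['--', '/*', '*/'], '', $value);   // SQL comment markers
    return preg_replace('/[\'"`;<>\\\\()=]/', '', $value) ?? '';
}

// Output encoding: keeps the stored value intact, neutralises it in HTML.
function encode_for_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// In-memory SQLite database so the example runs offline (needs pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)');

// Constructed sample inputs: one legitimate name, two textbook test strings.
$inputs = ["O'Brien", "x' OR '1'='1", '<script>alert(1)</script>'];

// Input/process stage: values are bound as parameters, never parsed as SQL.
$insert = $pdo->prepare('INSERT INTO customers (name) VALUES (:name)');
foreach ($inputs as $raw) {
    $insert->execute([':name' => $raw]);
}

// Output stage: compare what the filter leaves with what encoding produces.
foreach ($pdo->query('SELECT id, name FROM customers ORDER BY id') as $row) {
    printf(
        "%d | filtered: %-22s | encoded: %s\n",
        $row['id'],
        strip_dangerous($row['name']),
        encode_for_html($row['name'])
    );
}
```

The filter alters the legitimate name as well as the test strings, while binding and encoding preserve the stored value and still keep it from being interpreted as SQL or HTML.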
This study aims to determine students' perceptions of online lectures in the odd semester of the 2021/2022 academic year, the obstacles encountered, the media used, the lecture media and methods that should be used in the following semester, and students' expectations for lectures in the next semester. The respondents were active undergraduate students of the Faculty of Islamic Economics and Business at IAIN Ponorogo from the 2016 to 2021 cohorts. Data were collected through an online questionnaire in Google Forms, with the link distributed via messages in WhatsApp groups. Data processing and analysis used quantitative and qualitative methods. Quantitative data were analyzed descriptively, while qualitative analysis proceeded through the stages of data collection, data reduction, data presentation and drawing conclusions. The study concludes that students' positive perceptions of online lectures stem from flexible time, being closer to family and lower costs, while the negative perceptions are poor signal, insufficient internet quota and difficulty understanding the material. The most widely used lecture media were E-learning IAIN Ponorogo, Google Classrooms, WhatsApp and Google Meet. The majority of students want lectures to be delivered in a blended format. The expectations expressed include improvements to the e-learning system, more intensive communication and internet quota assistance from the government.