Abstract
SMAN 1 Sumbawa is a school that provides information to students through a website-based information system to facilitate school administration services. Considering that the Website can be accessed widely, it is necessary to pay attention to the security of the Website. One of them is by using the Vulnerability Assessment method. The Vulnerability Assessment method is a method for conducting vulnerability testing on a website or application that has the potential to enter an attack which consists of several stages such as Network Discovering, Vulnerability Scanning, and Result Analysis. This stage aims to identify security holes on the SMAN 1 Sumbawa website. The tests that have been carried out have identified four levels of vulnerability, namely high, medium, low, and informational on the SMAN 1 Sumbawa website. The hight vulnerability level obtained is SQL Injection. The SQL Injection vulnerability makes it easy for attackers to access the entire database. The results of the tests that have been carried out show that the SMAN 1 Sumbawa Website has many vulnerabilities or Vulnerability that the SMAN 1 Sumbawa Website is still in an unsafe state.
Highlights
Perkembangan teknologi saat ini mengalami perubahan yang sangat pesat
of them is by using the Vulnerability Assessment method
The Vulnerability Assessment method is a method for conducting vulnerability testing on a website or application
Summary
Analisis Tahap ini bertujuan untuk mencari celah kerentanan atau Vulnerability pada website SMAN 1 Sumbawa dengan menggunakan tool Open Web Aplication Security Project (OWASP), yang mencangkup beberapa celah keamanan seperti SQL injection, CrossDomain Java Scrip Source File Inclusion. Adapun hasil Scanning oleh tool Nslookup pada website SMAN 1 Sumbawa menampilkan informasi IP yaitu “119.235.249.36”. Pengujian Kerentanan Vunerability Scannin guntuk mencari celah kerentanan keamanan pada Website SMAN 1 Sumbawa penulis menggunakan tool Open Web Aplication Security Project (OWASP). Berdasarkan hasil pengujian yang dilakukan pada tool Open Web Aplication Security Project (OWASP), didapatkan beberapa celah keamana yang ada di Website SMAN Sumbawa diantaranya berupa : SQL Injection, X-Frame Options Header Not Set, Absence of Anti-CSRF Tokens, Cookie No flag, Cookie Without Same Site Attribute, Cross-Domain Java Script Source File Inclusio, Server Leaks Information via”X-By “HTTP Response Header Field (s), Timestamp Disclosure-Uni
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
