Pengujian Celah Keamanan pada Website Sistem Informasi Geografis dengan Metode Penetration Testing (Studi Kasus : PT. Citra Satria Utama)

Tantri, Ricki Alvin (2022) Pengujian Celah Keamanan pada Website Sistem Informasi Geografis dengan Metode Penetration Testing (Studi Kasus : PT. Citra Satria Utama). Undergraduate thesis, Universitas Katolik Musi Charitas.

[img] Text (Cover)
IF-2022-1813011-Cover.pdf
Download (1MB)
[img] Text (Abstract)
IF-2022-1813011-Abstract.pdf
Restricted to Registered users only
Download (8kB) | Request a copy
[img] Text (Tableofcontent)
IF-2022-1813011-Tableofcontent.pdf
Restricted to Registered users only
Download (225kB) | Request a copy
[img] Text (Chapter1)
IF-2022-1813011-Chapter1.pdf
Restricted to Registered users only
Download (135kB) | Request a copy
[img] Text (Chapter2)
IF-2022-1813011-Chapter2.pdf
Restricted to Registered users only
Download (604kB) | Request a copy
[img] Text (Chapter3)
IF-2022-1813011-Chapter3.pdf
Restricted to Registered users only
Download (372kB) | Request a copy
[img] Text (Chapter4)
IF-2022-1813011-Chapter4.pdf
Restricted to Registered users only
Download (2MB) | Request a copy
[img] Text (Conclusion)
IF-2022-1813011-Conclusion.pdf
Restricted to Registered users only
Download (127kB) | Request a copy
[img] Text (Reference)
IF-2022-1813011-Reference.pdf
Restricted to Registered users only
Download (240kB) | Request a copy
[img] Text (Attachmant)
IF-2022-1813011-Attachmant.pdf
Restricted to Registered users only
Download (1MB) | Request a copy
[img] Text (Complete)
IF-2022-1813011-complete.pdf
Restricted to Repository staff only
Download (6MB) | Request a copy
[img] Text (Summary ID)
IF-2022-1813011-summary_id.pdf
Restricted to Registered users only
Download (1MB) | Request a copy

Abstract

ABSTRACT With the need for information that is applied to a website, it requires easy access to information. However, information that is important requires good security so that not just anyone can access it. Attack techniques such as XSS, Directory Traversal Attack, Parameter Manipulation, and so on are real examples that there are many kinds of attacks if a website does not have good security. Therefore, for developers, it is necessary to search for security holes with the penetration process and find an evaluation so that the website cannot be manipulated by attackers. The penetration process is carried out on the sig-cdgroup.tech website as a test tool in finding existing security holes. So in this study, we will use the Penetration Testing method in testing security vulnerabilities, especially in XSS, Broken Access Control, Sensitive Data Exposure, and Sql Injection security vulnerabilities. The results and solutions of this research are that after the penetration technique, the sig-cdgroup.tech website there is an XSS gap that can be overcome by changing the javascript script that is inputted into characters, Broken Access Control can be overcome by adding a Session function, Sensitive Data Exposure can be overcome by setting the X-Frame-Option header with SAMEORIGIN and Sql Injection can be solved by adding the mysqli_real_escape_string() function to the login form query and to the Get Parameter Id.

Item Type: Thesis (Undergraduate)
Uncontrolled Keywords: XSS ; Broken Access Control ; Sensitive Data Exposure ; Sql Injection ; Penetration Testing
Subjects: T Technology > T Technology (General)
Divisions: Theses - S1 > Informatics Study Program
Depositing User: Ricki Alvin Tantri
Date Deposited: 15 Aug 2022 03:17
Last Modified: 20 Oct 2022 11:42
URI: http://eprints.ukmc.ac.id/id/eprint/8487

Actions (login required)

View Item View Item
Musi Charitas Catholic University Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.