Analysis of Website Security of SMKN 1 Pangandaran Against SQL Injection Attack Using OWASP Method

Abstract

Every technological development is usually accompanied by an increase in security on a digital platform that is widely used by a large audience. However, with the rapid development of information technology, some of the security gaps found can be used as loopholes to commit crimes where these actions can harm others. These actions are often carried out by irresponsible people to benefit from the actions taken. Some of the gaps that are often found on digital platforms, especially on websites are SQL Injection where from BSSN data from January to April 2019, 73% of the vulnerability reports received are SQL Injection vulnerabilities. In addition, SQL Injection is also the number one threat to the security of a website application, where this SQL Injection attack is a code injection attack technique that is carried out by exploiting the security gaps that exist in the database layer of a website. In this study, taking the theme of SQL Injection which aims to conduct security analysis from the website of the school agency SMKN 1 Pangandaran, using OWASP which is used to carry out the analysis process. The result of testing the system on the website is where the attacker can perform injection using SQL payload to enter the database. Where the results of system analysis and testing will be recommended to close gaps on existing websites.