
Page 1: SKRIPSI - eprints.umm.ac.id/36051/1/jiptummpp-gdl-fajarmuham-47592-1-pendahul-n.pdf

VULNERABILITY ANALYSIS FOR IMPROVING WEBSITE SECURITY SYSTEMS

(CASE STUDY IN THE UMM ENVIRONMENT)

UNDERGRADUATE THESIS (SKRIPSI)

Submitted as a Requirement for the Bachelor's Degree (Strata I)

in Informatics Engineering, Universitas Muhammadiyah Malang

FAJAR MUHAMMAD TAUFIQ

201210370311042

DEPARTMENT OF INFORMATICS ENGINEERING

FACULTY OF ENGINEERING

UNIVERSITAS MUHAMMADIYAH MALANG

2017


PREFACE

Alhamdulillahirabbil'alamiin. The author gives praise and thanks to Allah SWT, by whose grace the work on and writing of this thesis, entitled "Vulnerability Analysis for Improving Website Security Systems (Case Study in the UMM Environment)", could be completed as a requirement for finishing the Bachelor's Degree (S1) in the Department of Informatics Engineering, Faculty of Engineering, Universitas Muhammadiyah Malang.

The writing of this thesis would not have been possible without the help and support of many parties. The author therefore extends thanks to:

May Allah SWT repay many times over all the kindness that has been shown.

The author is aware that this thesis is still far from perfect. Constructive criticism and suggestions are therefore welcomed as input towards further improvement. The author hopes that this research report will be useful to all of us.

Malang, 20 November 2016

The Author


TABLE OF CONTENTS

APPROVAL SHEET .......................................................... II
RATIFICATION SHEET ..................................................... III
STATEMENT OF ORIGINALITY ................................................ IV
ABSTRAK (ABSTRACT IN INDONESIAN) ........................................ V
ABSTRACT ................................................................ VI
DEDICATION ............................................................. VII
PREFACE ............................................................... VIII
CHAPTER I INTRODUCTION ................................................... 1
1.1 Background ........................................................... 1
1.2 Problem Statement .................................................... 3
1.3 Scope and Limitations ................................................ 3
1.4 Research Objectives .................................................. 3
1.5 Research Methodology ................................................. 3
1.6 Testing Methodology .................................................. 4
1.7 Structure of the Thesis .............................................. 5
CHAPTER II THEORETICAL BACKGROUND ........................................ 7
2.1 Previous Research .................................................... 7
2.2 Information Security ................................................. 8
2.3 Website Vulnerabilities .............................................. 8
2.3.1 Injection .......................................................... 9
2.3.2 Broken Authentication and Session Management ....................... 9
2.3.3 Cross Site Scripting (XSS) ......................................... 9
2.3.4 Local File Inclusion ............................................... 9
2.3.5 Insecure Direct Object Reference ................................... 9
2.3.6 Sensitive Data Exposure ........................................... 10
2.3.7 Missing Function Level Access Control ............................. 10
2.4 Vulnerability Assessment ............................................ 10
2.5 Penetration Testing ................................................. 10
2.5.1 External Penetration Testing ...................................... 11
2.5.2 Internal Penetration Testing ...................................... 11


2.5.3 Black-box Penetration Testing ..................................... 11
2.6 Hacking Phases ...................................................... 12
2.6.1 Reconnaissance .................................................... 12
2.6.2 Scanning .......................................................... 12
2.6.3 Gaining Access .................................................... 12
2.6.4 Maintaining Access ................................................ 13
2.6.5 Clearing Tracks ................................................... 13
2.7 Security Vulnerability Testing of Web Applications .................. 13
2.7.1 Footprint Web Infrastructure ...................................... 13
2.7.2 Analyze Web Applications .......................................... 13
2.7.3 Attack Authentication Mechanism ................................... 13
2.7.4 Attack Authorization Schemes ...................................... 14
2.7.5 Attack Session Management Mechanism ............................... 14
2.7.6 Perform Injection Attacks ......................................... 14
2.7.7 Attack Data Connectivity .......................................... 14
2.7.8 Attack Web App Client ............................................. 14
2.8 Supporting Components ............................................... 15
2.8.1 Burp Suite ........................................................ 15
2.8.2 W3af .............................................................. 15
2.8.3 Nmap .............................................................. 15
2.8.4 YouGetSignal ...................................................... 16
2.8.5 Sqlmap ............................................................ 16
CHAPTER III ANALYSIS AND DESIGN ......................................... 17
3.1 Problem Analysis .................................................... 17
3.2 Analysis of Attack Methods .......................................... 17
3.2.1 Footprinting Analysis ............................................. 18
3.2.2 Scanning Analysis ................................................. 19
3.2.3 Gaining Access Analysis ........................................... 20
3.3 Analysis of Methods for Closing Website Security Holes .............. 25
3.3.1 SQL Injection ..................................................... 25
3.3.2 Cross Site Scripting (XSS) ........................................ 26
3.3.3 Local File Inclusion (LFI) ........................................ 26


3.3.4 Broken Authentication and Session Management ...................... 26
3.3.5 Unrestricted Upload of File ....................................... 26
3.3.6 Missing Function Level Access Control ............................. 27
CHAPTER IV IMPLEMENTATION AND TESTING ................................... 28
4.1 Implementation ...................................................... 28
4.1.1 Scanning the UMM Websites ......................................... 28
4.1.2 Gaining Access .................................................... 38
4.1.3 Methods for Closing Security Holes ................................ 51
CHAPTER V CONCLUSION .................................................... 55
5.1 Conclusions ......................................................... 55
5.2 Recommendations ..................................................... 55
BIBLIOGRAPHY ............................................................ 56


LIST OF FIGURES

Figure 1.1 Stages of the experimental methodology [8] .................... 4
Figure 3.1 Hacking phases [9] ........................................... 18
Figure 3.2 Overview of the UMM web server ............................... 19
Figure 3.3 SQLi mechanism ............................................... 21
Figure 3.4 XSS mechanism ................................................ 22
Figure 3.5 LFI mechanism ................................................ 23
Figure 3.6 Broken authentication mechanism .............................. 23
Figure 3.7 Unrestricted upload .......................................... 24
Figure 3.8 Missing function level access control mechanism .............. 25
Figure 3.9 mysql_escape mechanism [19] .................................. 25
Figure 4.1 umm.ac.id subdomains ......................................... 29
Figure 4.2 Ping to the server ........................................... 30
Figure 4.3 Subdomain krs.umm.ac.id ...................................... 30
Figure 4.4 Subdomain infokhs.umm.ac.id .................................. 31
Figure 4.5 Burp Suite XSS report ........................................ 33
Figure 4.6 Server response .............................................. 33
Figure 4.7 LFI report ................................................... 34
Figure 4.8 Server response .............................................. 34
Figure 4.9 BAA email .................................................... 35
Figure 4.10 Error-based SQLi ............................................ 35
Figure 4.11 SQLi report ................................................. 36
Figure 4.12 Server response ............................................. 36
Figure 4.13 Burp Suite report ........................................... 37
Figure 4.14 Server response ............................................. 37
Figure 4.15 umm.ac.id login ............................................. 39
Figure 4.16 Login to the informatika.umm.ac.id website .................. 39
Figure 4.17 Public relations (humas) login on www.umm.ac.id ............. 40
Figure 4.18 LFI exploitation ............................................ 40
Figure 4.19 uptime payload .............................................. 41
Figure 4.20 kd1 vulnerable (error-based) ................................ 42
Figure 4.21 krs.umm.ac.id database ...................................... 42


Figure 4.22 krs.umm.ac.id admin login ................................... 43
Figure 4.23 Student upload .............................................. 43
Figure 4.24 NIM (student ID number) on krs.umm.ac.id .................... 44
Figure 4.25 golek parameter (error-based) ............................... 44
Figure 4.26 neomaa database ............................................. 45
Figure 4.27 maa2.umm.ac.id website ...................................... 46
Figure 4.28 maa2.umm.ac.id administrator ................................ 46
Figure 4.29 Student search .............................................. 47
Figure 4.30 no_peserta parameter (error-based) .......................... 48
Figure 4.31 online.pmb.umm.ac.id database ............................... 48
Figure 4.32 Card-printing login form .................................... 49
Figure 4.33 Repeater request ............................................ 49
Figure 4.34 Server response ............................................. 50
Figure 4.35 upload.php file ............................................. 50
Figure 4.36 Email input form ............................................ 51
Figure 4.37 mysqli_escape_string() ...................................... 52
Figure 4.38 htmlspecialchars() .......................................... 52
Figure 4.39 str_replace() ............................................... 52
Figure 4.40 File upload ................................................. 53
Figure 4.41 Session ..................................................... 53
Figure 4.42 Session check ............................................... 54


LIST OF TABLES

Table 1.1 Security testing and methods for closing security holes ........ 5
Table 2.1 Previous research .............................................. 7
Table 3.1 Scanning software ............................................. 20
Table 3.2 Gaining access software ....................................... 20
Table 3.3 SQL injection attack characters ............................... 21
Table 3.4 Character substitutions ....................................... 26
Table 4.1 umm.ac.id subdomains .......................................... 29
Table 4.2 Nmap scan over the internet ................................... 31
Table 4.3 Nmap scan over the intranet ................................... 32
Table 4.4 List of UMM website vulnerabilities ........................... 38
Table 4.5 LFI on krs.umm.ac.id .......................................... 40
Table 4.6 SQLi on krs.umm.ac.id ......................................... 41
Table 4.7 Vulnerable krs.umm.ac.id ...................................... 43
Table 4.8 Broken authentication ......................................... 46
Table 4.9 SQLi on online.pmb.umm.ac.id .................................. 47
Table 4.10 File upload on online.pmb.umm.ac.id .......................... 48
Table 4.11 Password reset on infokhs.umm.ac.id .......................... 50


BIBLIOGRAPHY

[1] D. Metasari, "Analisis Keamanan Website Di Universitas Muhammadiyah Surakarta," Universitas Muhammadiyah Surakarta, 2014.

[2] A. Razzaq, Z. Anwar, H. F. Ahmad, K. Latif, and F. Munir, "Ontology for attack detection: An intelligent approach to web application security," Comput. Secur., vol. 45, pp. 124–146, Sep. 2014.

[3] P. R. Phil et al., "OWASP Top 10: The Top 10 Most Critical Web Application Security Threats Enhanced with Text Analytics and Content by PageKicker Robot Phil 73," 2014.

[4] "About The Open Web Application Security Project - OWASP." [Online]. Available: https://www.owasp.org/index.php/About_OWASP. [Accessed: 01-Feb-2017].

[5] "Methodology Vulnerability Assessment | GovCSIRT – Kementerian Komunikasi dan Informatika." [Online]. Available: http://govcsirt.kominfo.go.id/254/. [Accessed: 11-Oct-2016].

[6] J. R. Vacca, Ed., Computer and Information Security Handbook. Amsterdam; Boston: Elsevier; Burlington, MA: Morgan Kaufmann, 2009.

[7] D. Kar and S. Panigrahi, "Prevention of SQL Injection attack using query transformation and hashing," in Advance Computing Conference (IACC), 2013 IEEE 3rd International, 2013, pp. 1317–1323.

[8] P. M. B. F. de Abreu, "New information technologies in public participation: a challenge to old decision-making institutional frameworks," Citeseer, 2002.

[9] EC-Council, "CEHv8 Module 01 Introduction to Ethical Hacking." 2012.

[10] "Category:Vulnerability - OWASP." [Online]. Available: https://www.owasp.org/index.php/Category:Vulnerability. [Accessed: 16-Oct-2016].

[11] EC-Council, "CEHv8 Module 20 Penetration Testing." 2012.

[12] EC-Council, "CEH-Handbook-v2.0." 2016.

[13] EC-Council, "CEHv8 Module 13 Hacking Web Applications." 2012.

[14] "Burp Suite." [Online]. Available: https://portswigger.net/burp/. [Accessed: 11-Jan-2017].


[15] "w3af - Open Source Web Application Security Scanner." [Online]. Available: http://w3af.org/. [Accessed: 15-Jan-2017].

[16] "Panduan Refensi Nmap (Man Page, bahasa Indonesia)." [Online]. Available: https://nmap.org/man/id/index.html#man-description. [Accessed: 11-Jan-2017].

[17] "About YouGetSignal." [Online]. Available: http://www.yougetsignal.com/about/. [Accessed: 11-Jan-2017].

[18] "sqlmap: automatic SQL injection and database takeover tool." [Online]. Available: http://sqlmap.org/. [Accessed: 11-Jan-2017].

[19] A. Sadeghian, M. Zamani, and A. A. Manaf, "SQL injection vulnerability general patch using header sanitization," in Computer, Communications, and Control Technology (I4CT), 2014 International Conference on, 2014, pp. 239–242.