VULNERABILITY ANALYSIS FOR IMPROVING
WEBSITE SECURITY SYSTEMS
(CASE STUDY IN THE UMM ENVIRONMENT)
UNDERGRADUATE THESIS (SKRIPSI)
Submitted in partial fulfilment of the requirements for the Bachelor's degree (Strata I)
in Informatics Engineering, Universitas Muhammadiyah Malang
FAJAR MUHAMMAD TAUFIQ
201210370311042
DEPARTMENT OF INFORMATICS ENGINEERING
FACULTY OF ENGINEERING
UNIVERSITAS MUHAMMADIYAH MALANG
2017
PREFACE
Alhamdulillahirabbil'alamiin. The author gives praise and thanks to Allah SWT, by whose grace the research for and writing of this thesis, entitled "Vulnerability Analysis for Improving Website Security Systems (Case Study in the UMM Environment)", could be completed as a requirement for finishing the Bachelor's degree (S1) in the Department of Informatics Engineering, Faculty of Engineering, Universitas Muhammadiyah Malang.
The writing of this thesis would not have been possible without the help and support of many parties. The author therefore expresses thanks to:
May Allah SWT repay many times over all the kindness that has been shown.
The author is aware that this thesis is still not perfect. Constructive criticism and suggestions are therefore welcomed as input towards further improvement. The author hopes that this research report will be useful to all of us.
Malang, 20 November 2016
The Author
TABLE OF CONTENTS
APPROVAL SHEET ... II
RATIFICATION SHEET ... III
STATEMENT OF ORIGINALITY ... IV
ABSTRACT (INDONESIAN) ... V
ABSTRACT ... VI
DEDICATION ... VII
PREFACE ... VIII
CHAPTER I INTRODUCTION ... 1
1.1 Background ... 1
1.2 Problem Statement ... 3
1.3 Scope and Limitations ... 3
1.4 Research Objectives ... 3
1.5 Research Methodology ... 3
1.6 Testing Methodology ... 4
1.7 Structure of the Thesis ... 5
CHAPTER II THEORETICAL BACKGROUND ... 7
2.1 Related Work ... 7
2.2 Information Security ... 8
2.3 Website Vulnerabilities ... 8
2.3.1 Injection ... 9
2.3.2 Broken Authentication and Session Management ... 9
2.3.3 Cross Site Scripting (XSS) ... 9
2.3.4 Local File Inclusion ... 9
2.3.5 Insecure Direct Object Reference ... 9
2.3.6 Sensitive Data Exposure ... 10
2.3.7 Missing Function Level Access Control ... 10
2.4 Vulnerability Assessment ... 10
2.5 Penetration Testing ... 10
2.5.1 External Penetration Testing ... 11
2.5.2 Internal Penetration Testing ... 11
2.5.3 Black-box Penetration Testing ... 11
2.6 Hacking Phases ... 12
2.6.1 Reconnaissance ... 12
2.6.2 Scanning ... 12
2.6.3 Gaining Access ... 12
2.6.4 Maintaining Access ... 13
2.6.5 Clearing Tracks ... 13
2.7 Security Vulnerability Testing of Web Applications ... 13
2.7.1 Footprint Web Infrastructure ... 13
2.7.2 Analyze Web Applications ... 13
2.7.3 Attack Authentication Mechanism ... 13
2.7.4 Attack Authorization Schemes ... 14
2.7.5 Attack Session Management Mechanism ... 14
2.7.6 Perform Injection Attacks ... 14
2.7.7 Attack Data Connectivity ... 14
2.7.8 Attack Web App Client ... 14
2.8 Supporting Tools ... 15
2.8.1 Burp Suite ... 15
2.8.2 W3af ... 15
2.8.3 Nmap ... 15
2.8.4 YouGetSignal ... 16
2.8.5 Sqlmap ... 16
CHAPTER III ANALYSIS AND DESIGN ... 17
3.1 Problem Analysis ... 17
3.2 Analysis of Attack Methods ... 17
3.2.1 Footprinting Analysis ... 18
3.2.2 Scanning Analysis ... 19
3.2.3 Gaining Access Analysis ... 20
3.3 Analysis of Methods for Closing Website Security Vulnerabilities ... 25
3.3.1 SQL Injection ... 25
3.3.2 Cross Site Scripting (XSS) ... 26
3.3.3 Local File Inclusion (LFI) ... 26
3.3.4 Broken Authentication and Session Management ... 26
3.3.5 Unrestricted Upload of File ... 26
3.3.6 Missing Function Level Access Control ... 27
CHAPTER IV IMPLEMENTATION AND TESTING ... 28
4.1 Implementation ... 28
4.1.1 Scanning the UMM Websites ... 28
4.1.2 Gaining Access ... 38
4.1.3 Methods for Closing Security Vulnerabilities ... 51
CHAPTER V CONCLUSION ... 55
5.1 Conclusions ... 55
5.2 Recommendations ... 55
BIBLIOGRAPHY ... 56
LIST OF FIGURES
Figure 1.1 stages of the experimental methodology [8] ... 4
Figure 3.1 hacking phases [9] ... 18
Figure 3.2 overview of the UMM web server ... 19
Figure 3.3 SQLI mechanism ... 21
Figure 3.4 XSS mechanism ... 22
Figure 3.5 LFI mechanism ... 23
Figure 3.6 broken authentication mechanism ... 23
Figure 3.7 unrestricted upload ... 24
Figure 3.8 missing function level access control mechanism ... 25
Figure 3.9 mysql_escape mechanism [19] ... 25
Figure 4.1 subdomains of umm.ac.id ... 29
Figure 4.2 ping to the server ... 30
Figure 4.3 subdomain krs.umm.ac.id ... 30
Figure 4.4 subdomain infokhs.umm.ac.id ... 31
Figure 4.5 Burp Suite XSS report ... 33
Figure 4.6 server response ... 33
Figure 4.7 LFI report ... 34
Figure 4.8 server response ... 34
Figure 4.9 BAA email ... 35
Figure 4.10 error-based SQLI ... 35
Figure 4.11 SQLi report ... 36
Figure 4.12 server response ... 36
Figure 4.13 Burp Suite report ... 37
Figure 4.14 server response ... 37
Figure 4.15 umm.ac.id login ... 39
Figure 4.16 informatika.umm.ac.id website login ... 39
Figure 4.17 public relations (humas) login on www.umm.ac.id ... 40
Figure 4.18 LFI exploitation ... 40
Figure 4.19 uptime payload ... 41
Figure 4.20 kd1 vulnerable to error-based ... 42
Figure 4.21 krs.umm.ac.id database ... 42
Figure 4.22 krs.umm.ac.id admin login ... 43
Figure 4.23 student upload ... 43
Figure 4.24 NIM (student ID) on krs.umm.ac.id ... 44
Figure 4.25 golek parameter error-based ... 44
Figure 4.26 neomaa database ... 45
Figure 4.27 website maa2.umm.ac.id ... 46
Figure 4.28 maa2.umm.ac.id administrator ... 46
Figure 4.29 student search ... 47
Figure 4.30 no_peserta parameter error-based ... 48
Figure 4.31 online.pmb.umm.ac.id database ... 48
Figure 4.32 card printing login form ... 49
Figure 4.33 repeater request ... 49
Figure 4.34 server response ... 50
Figure 4.35 upload.php file ... 50
Figure 4.36 email input form ... 51
Figure 4.37 mysqli_escape_string() ... 52
Figure 4.38 htmlspecialchars() ... 52
Figure 4.39 str_replace() ... 52
Figure 4.40 file upload ... 53
Figure 4.41 session ... 53
Figure 4.42 session check ... 54
LIST OF TABLES
Table 1.1 security testing and methods for closing security vulnerabilities ... 5
Table 2.1 related work ... 7
Table 3.1 scanning software ... 20
Table 3.2 gaining access software ... 20
Table 3.3 SQL injection attack characters ... 21
Table 3.4 character changes ... 26
Table 4.1 subdomains of umm.ac.id ... 29
Table 4.2 Nmap scan over the internet ... 31
Table 4.3 Nmap scan over the intranet ... 32
Table 4.4 list of UMM website vulnerabilities ... 38
Table 4.5 LFI on krs.umm.ac.id ... 40
Table 4.6 SQLI on krs.umm.ac.id ... 41
Table 4.7 vulnerabilities of krs.umm.ac.id ... 43
Table 4.8 broken authentication ... 46
Table 4.9 SQLI on online.pmb.umm.ac.id ... 47
Table 4.10 file upload on online.pmb.umm.ac.id ... 48
Table 4.11 password reset on infokhs.umm.ac.id ... 50
BIBLIOGRAPHY
[1] D. Metasari, "Analisis Keamanan Website Di Universitas Muhammadiyah Surakarta," Universitas Muhammadiyah Surakarta, 2014.
[2] A. Razzaq, Z. Anwar, H. F. Ahmad, K. Latif, and F. Munir, "Ontology for attack detection: An intelligent approach to web application security," Comput. Secur., vol. 45, pp. 124–146, Sep. 2014.
[3] P. R. Phil et al., "OWASP Top 10: The Top 10 Most Critical Web Application Security Threats Enhanced with Text Analytics and Content by PageKicker Robot Phil 73," 2014.
[4] "About The Open Web Application Security Project - OWASP." [Online]. Available at: https://www.owasp.org/index.php/About_OWASP. [Accessed: 01-Feb-2017].
[5] "Methodology Vulnerability Assessment | GovCSIRT – Kementerian Komunikasi dan Informatika." [Online]. Available at: http://govcsirt.kominfo.go.id/254/. [Accessed: 11-Oct-2016].
[6] J. R. Vacca, Ed., Computer and Information Security Handbook. Amsterdam; Boston; Burlington, MA: Elsevier; Morgan Kaufmann, 2009.
[7] D. Kar and S. Panigrahi, "Prevention of SQL Injection attack using query transformation and hashing," in Advance Computing Conference (IACC), 2013 IEEE 3rd International, 2013, pp. 1317–1323.
[8] P. M. B. F. de Abreu, "New information technologies in public participation: a challenge to old decision-making institutional frameworks," Citeseer, 2002.
[9] EC-Council, "CEHv8 Module 01 Introduction to Ethical Hacking," 2012.
[10] "Category:Vulnerability - OWASP." [Online]. Available at: https://www.owasp.org/index.php/Category:Vulnerability. [Accessed: 16-Oct-2016].
[11] EC-Council, "CEHv8 Module 20 Penetration Testing," 2012.
[12] EC-Council, "CEH-Handbook-v2.0," 2016.
[13] EC-Council, "CEHv8 Module 13 Hacking Web Applications," 2012.
[14] "Burp Suite." [Online]. Available at: https://portswigger.net/burp/. [Accessed: 11-Jan-2017].
[15] "w3af - Open Source Web Application Security Scanner." [Online]. Available at: http://w3af.org/. [Accessed: 15-Jan-2017].
[16] "Panduan Referensi Nmap (Man Page, bahasa Indonesia)." [Online]. Available at: https://nmap.org/man/id/index.html#man-description. [Accessed: 11-Jan-2017].
[17] "About YouGetSignal." [Online]. Available at: http://www.yougetsignal.com/about/. [Accessed: 11-Jan-2017].
[18] "sqlmap: automatic SQL injection and database takeover tool." [Online]. Available at: http://sqlmap.org/. [Accessed: 11-Jan-2017].
[19] A. Sadeghian, M. Zamani, and A. A. Manaf, "SQL injection vulnerability general patch using header sanitization," in Computer, Communications, and Control Technology (I4CT), 2014 International Conference on, 2014, pp. 239–242.