Abstract
Bangladesh has announced every Government & Non-Government school and colleges must website. The websites have to include all data and information every school and colleges. The goal of this initiative is to ensure equal quality of education and to provide education to the remote areas of the country. Though is a very new concept yet an appreciable number of institutes have already started shifting their systems online. While this advancement is commendable yet there are drawbacks such as security risks of these websites and the data in them. One of the easiest yet treacherous security risks of website is SQLi. This paper focuses on various types of SQLi vulnerabilities such as: normal, error based double query, and blind injection techniques and their aggression on the educational websites of Bangladesh. Manual penetration testing with black box approach has been implemented in number of web applications to check the vulnerabilities. The data found has been analyzed to draw statistical conclusion of the present condition of the educational websites of Bangladesh.
Original language | English |
---|---|
Pages | 152-157 |
Number of pages | 6 |
DOIs | |
Publication status | Published - 17 Mar 2016 |
Externally published | Yes |
Event | 2015 2nd International Conference on Information Security and Cyber Forensics, InfoSec 2015 - Duration: 17 Mar 2016 → … |
Conference
Conference | 2015 2nd International Conference on Information Security and Cyber Forensics, InfoSec 2015 |
---|---|
Period | 17/03/16 → … |
Keywords
- Blind injection
- Double query
- Error based injection
- Sqli