SQLi vulnerabilty in education sector websites of Bangladesh

Delwar Alam, Touhid Bhuiyan, Md Alamgir Kabir, Tanjila Farah

Research output: Contribution to conferenceConference paper

9 Citations (Scopus)

Abstract

Bangladesh has announced every Government & Non-Government school and colleges must website. The websites have to include all data and information every school and colleges. The goal of this initiative is to ensure equal quality of education and to provide education to the remote areas of the country. Though is a very new concept yet an appreciable number of institutes have already started shifting their systems online. While this advancement is commendable yet there are drawbacks such as security risks of these websites and the data in them. One of the easiest yet treacherous security risks of website is SQLi. This paper focuses on various types of SQLi vulnerabilities such as: normal, error based double query, and blind injection techniques and their aggression on the educational websites of Bangladesh. Manual penetration testing with black box approach has been implemented in number of web applications to check the vulnerabilities. The data found has been analyzed to draw statistical conclusion of the present condition of the educational websites of Bangladesh.
Original languageEnglish
Pages152-157
Number of pages6
DOIs
Publication statusPublished - 17 Mar 2016
Externally publishedYes
Event2015 2nd International Conference on Information Security and Cyber Forensics, InfoSec 2015 -
Duration: 17 Mar 2016 → …

Conference

Conference2015 2nd International Conference on Information Security and Cyber Forensics, InfoSec 2015
Period17/03/16 → …

Keywords

  • Blind injection
  • Double query
  • Error based injection
  • Sqli

Fingerprint

Dive into the research topics of 'SQLi vulnerabilty in education sector websites of Bangladesh'. Together they form a unique fingerprint.

Cite this