Vulnerability
Vulnerability
is designed to generate a priority list of vulnerabilities, Vulnerability will
be used by hackers as a way to enter the system illegally. Hackers will usually
create an Exploit that is tailored to the vulnerability it has found, Any application (service, desktop, web base)
must have a vulnerability or vulnerability. Not all malicious hackers, if the
security hole found by malicious hackers (Black Hat) may be used to exploit the
system to use for its own benefit, but if found by a good hacker (white hat)
biasnaya he will report the security hole to the application developers tesebut
for repair. for leading companies such as facebook, google, microsoft etc.,
they will give a considerable reward for the inventor of bug / vulnerabillity
in his system.
On this occasion I will try to do the scanning
of Semarang State University website at www.unnes.ac.id using Acunetix Web
Vulnerbility tool.
Step use of tools Acunetix Web Vulnerbility
First download tools Acunetix Web Vulnerbility
Open the Acunetix tool
and input the targeted website on the Scan single website column
acunetik1 |
Determining the Options selected, at this stage
we can choose what options we will scan from the website, if overall select
Default.
acunetik2 |
Menscan Information from the intended target
(information from the website that we input)
acunetix3 |
Login Sequence next
acunetix4 |
Stage analysis of the targeted website
acunetix5 |
In the picture above this stage we will get some
information about the subdomain contained on the scanned website, the subdomain
we can scan also to find other gaps contained in the main website domain.
acunetix6 analisis |
In the picture above obtained information about
the level of threat (threat) that is on the website of the State University of
Semarang the level of threat is located at level 2 (Medium) and Low level. In
this level even a gap for a hacker to carry out an attack is very likely to
occur.
Red Color : High (high threat level)
Orange Color : Medium (medium threat level)
Blue Color : Low (low threat level)
Green Color : contains information only, but can
be made a gap as well
In the Target Information section, there is
information about Responsive, Web Server Banner, Operating System used by
server and Technology used by Semarang State University website, Unnes is still
using apache web server and this web is responsive, with debian linux server.
We also can find statistical data on this web
like picture below
acunetix7 analisis |
Analysis conclusions
Website Semarang State University
www.unnes.ac.id has a threat level of middle and low class hacks (Medium Level
& Low Level), such a gap is still very vulnerable and can be rested by hackers
to enter the web server to get all the information contained in it for the
benefit of the hacker.
good luck.................
No comments:
Post a Comment