Logical operators and its application in determining vulnerable websites caused by SQL injection among UTM faculty websites

Abstract

This research identifies the problems caused by SQL Injection Bypassing Login among Universiti Teknologi Malaysia (UTM), Johor Bahru faculty?s websites by applying Logical Operators. Structured Query Language, SQL is some kind of language used to allow users to work on the data stored in a database. SQL Injection is a technique to gain illegal access through the vulnerability of a website. Vulnerability of a website means poorly designed website in performing operation on the database. In order to test the vulnerability of websites, the SQL Injection rule will be created and will be test on Mutillidae website to see the effectiveness of the rule. If the rule is effective enough, those rule will be combined by using logical operators. The combination rule will be tested on UTM faculty?s websites to observe and determine whether the website is vulnerable to the combination rule of SQL Injection or not. If the website can be accessed using this combination rule, conclusion can be made that the website is vulnerable and needs to improve on their website security. Hence, the way to avoid SQL Injection will be recommended.