Professional Documents
Culture Documents
PentestTools SqlInjection Report
PentestTools SqlInjection Report
https://smartcampus.akademitnial.ac.id/share/page/
Summary
Findings
Spider results
https://smartcampus.akademitnial.ac.id/share/page/ GET
Body:
failure=%2Fshare%2Fpage%2F%3Ferror%3Dtrue
https://smartcampus.akademitnial.ac.id/share/page/dologin POST password=Secure123456%24
success=%2Fshare%2Fpage%2F
username=
Body:
failure=/share/page/?error=true
https://smartcampus.akademitnial.ac.id/share/page/dologin POST password=Secure123456$
success=/share/page/
username=
https://smartcampus.akademitnial.ac.id/share/page/dologin GET
Details
Risk description:
The table contains all the unique pages the scanner found. The duplicated URLs are not available here as scanning those is
considered unnecessary
Recommendation:
We recommend to advanced users to make sure the scan properly detected most of the URLs in the application.
References:
All the URLs the scanner found, including duplicates (available for 90 days after the scan date)
Website is accessible.
1/2
List of tests performed (3/3)
Checking for website accessibility...
Spidering target...
Checking for SQL Injection...
Scan parameters
Target: https://smartcampus.akademitnial.ac.id/share/page/
Scan type: Light
Authentication: False
Scan stats
Unique Injection Points Detected: 4
URLs spidered: 3
Total number of HTTP requests: 957
Average time until a response was
213ms
received:
2/2