Journals Proceedings

Abstract

Web applications have been proven most efficient by providing easy access to services such as online education, banking, reservation, shopping, resources, and information sharing. Though the use of web applications is a comparatively new concept, various government and private organizations of Bangladesh have started getting accustomed to it. Bangladesh government has also taken initiative to support web based services and ensure their security and reliability. Most of the web applications of Bangladesh are registered under .bd domain. The global accessibility and sensitivity of the information’s of web applications make them a target for web attackers. However the security issues of the .bd domain web applications are not addressed. No through study has been done so far on the existing vulnerabilities of these web applications. Hence the web applications are vulnerable to basic attack such as Structured Query Language injection (SQLi). This paper presents an evaluation of existing User input based SQLi vulnerability of web applications of .bd domain using black box penetration testing approach. The tests are performed manually. The data collected are analyzed to provide a guideline for website administrators.