STUDY AND IMPLEMENTATION OF WEBSITE SECURITY USING THE OPEN WEB APPLICATION SECURITY PROJECT (OWASP)
CASE STUDY: PLN BATAM
FINAL PROJECT
Submitted as one of the requirements for graduation from the Undergraduate (Strata 1) Program, Informatics Engineering Study Program, Universitas Pasundan Bandung
by: Andi Purnawan, NRP 11.304.0212
INFORMATICS ENGINEERING STUDY PROGRAM, FACULTY OF ENGINEERING, UNIVERSITAS PASUNDAN BANDUNG, OCTOBER 2014
TABLE OF CONTENTS
ABSTRAK (Indonesian abstract)  i
ABSTRACT  ii
PREFACE  iii
TABLE OF CONTENTS  iv
LIST OF TABLES  vi
LIST OF FIGURES  vii
LIST OF APPENDICES  ix
CHAPTER 1 INTRODUCTION
1.1 Background  1-1
1.2 Problem Identification  1-2
1.3 Objectives  1-2
1.4 Scope of the Final Project  1-2
1.5 Final Project Methodology  1-3
1.6 Structure of the Report  1-4
CHAPTER 2 THEORETICAL FOUNDATION
2.1 Website (World Wide Web)  2-1
2.2 Internet  2-2
2.3 URL  2-3
2.4 Framework  2-4
2.5 CodeIgniter  2-5
2.6 OWASP (Open Web Application Security Project)  2-6
2.6.1 Injection  2-6
2.6.2 Broken Authentication and Session Management  2-7
2.6.3 Cross-Site Scripting (XSS)  2-7
2.6.4 Insecure Direct Object References  2-8
2.6.5 Security Misconfiguration  2-8
2.6.6 Sensitive Data Exposure  2-9
2.6.7 Missing Function Level Access Control  2-9
2.6.8 Cross-Site Request Forgery (CSRF)  2-10
2.6.9 Using Components with Known Vulnerabilities  2-10
2.6.10 Unvalidated Redirects and Forwards  2-10
2.7 Secure Programming in PHP  2-11
2.7.1 General User Input Handling  2-11
2.7.2 File Handling  2-12
2.7.3 Include Files  2-13
2.7.4 Command Handling  2-13
2.7.5 Databases  2-13
2.7.6 Sessions  2-13
2.7.7 General PHP Interpreter Configuration  2-13
CHAPTER 3 ANALYSIS
3.1 Web-Based Application Security Standards  3-1
3.2 Analysis of the OWASP Top Ten against 3 Aspects of Security Principles  3-2
3.3 Test Implementation Environment  3-3
3.4 Applying Secure Programming to the Website  3-3
3.5 Analysis Scenarios  3-7
3.5.1 Injection  3-8
3.5.2 Broken Authentication and Session Management  3-10
3.5.3 Cross-Site Scripting (XSS)  3-12
3.5.4 Insecure Direct Object References  3-14
3.5.5 Security Misconfiguration  3-15
3.5.6 Sensitive Data Exposure  3-16
3.5.7 Missing Function Level Access Control  3-16
3.5.8 Cross-Site Request Forgery (CSRF)  3-16
3.5.9 Using Components with Known Vulnerabilities  3-20
3.5.10 Unvalidated Redirects and Forwards  3-20
3.6 CodeIgniter Features for Countering OWASP Top Ten Attacks  3-22
CHAPTER 4 IMPLEMENTATION
4.1 Website Security Test Results  4-1
CHAPTER 5 CONCLUSIONS AND RECOMMENDATIONS
5.1 Conclusions  5-1
5.2 Recommendations  5-1
BIBLIOGRAPHY
APPENDICES
LIST OF TABLES
Table 2.1 Threats from injection attacks  2-6
Table 2.2 Threats from broken authentication and session management attacks  2-7
Table 2.3 Threats from XSS attacks  2-7
Table 2.4 Threats from insecure direct object reference attacks  2-8
Table 2.5 Threats from security misconfiguration attacks  2-8
Table 2.6 Threats from sensitive data exposure attacks  2-9
Table 2.7 Threats from missing function level access control attacks  2-9
Table 2.8 Threats from CSRF attacks  2-10
Table 2.9 Threats from using components with known vulnerabilities  2-10
Table 2.10 Threats from unvalidated redirects and forwards attacks  2-11
Table 3.1 Classification of the OWASP Top Ten against 3 aspects of secure programming  3-3
Table 3.2 Targets of the OWASP Top Ten threats  3-7
Table 4.1 Website test results on localhost  4-1
Table 4.2 Website test results on hosting with the HTTP protocol  4-1
Table 4.3 Website test results on hosting with the HTTPS protocol  4-2
Table 4.4 Detailed website test results  4-3
LIST OF FIGURES
Figure 1.1 Research methodology diagram  1-3
Figure 2.1 How the CodeIgniter framework works  2-5
Figure 3.1 Sanitization in login-exec.php  3-3
Figure 3.2 Sanitizing POST values and validating input  3-4
Figure 3.3 Generating the session ID along with other parameters  3-4
Figure 3.4 Authenticating the user's session ID  3-5
Figure 3.5 User role at login according to level  3-5
Figure 3.6 URI character filtering  3-6
Figure 3.7 Encryption key  3-6
Figure 3.8 XSS filtering in CodeIgniter  3-6
Figure 3.9 CSRF protection in CodeIgniter  3-7
Figure 3.10 SQL injection using Havij  3-8
Figure 3.11 MySQL database found by Havij  3-9
Figure 3.12 MySQL database successfully injected  3-10
Figure 3.13 Tamper Data on the admin page  3-11
Figure 3.14 Replacing the POST parameter  3-11
Figure 3.15 Tamper Data method fails to bypass website authentication  3-12
Figure 3.16 Guestbook page with JavaScript inserted  3-13
Figure 3.17 Input successfully stored in the database  3-13
Figure 3.18 Pop-up appears on the back-end page  3-14
Figure 3.19 Nikto interface  3-15
Figure 3.20 Scanning process completed  3-15
Figure 3.21 PHP config file found  3-15
Figure 3.22 CSRF testing tool interface  3-16
Figure 3.23 formgrabber_bookmarklet configuration  3-17
Figure 3.24 Bookmarklet activated  3-18
Figure 3.25 Target website with CSRF FormGrabber  3-18
Figure 3.26 CSRF FormGrabber  3-19
Figure 3.27 CSRF FormBuilder  3-19
Figure 3.28 CSRF exploit  3-20
Figure 3.29 Initial state of the website login page  3-21
Figure 3.30 URL with a redirect link inserted  3-21
Figure 3.31 User enters username and password  3-22
Figure 3.32 Website back-end page  3-22
Figure A-1 Injection test results on localhost  A-1
Figure A-2 Broken authentication and session management test results on localhost  A-2
Figure A-3 XSS test results on localhost  A-3
Figure A-4 Insecure Direct Object References test results on localhost  A-4
Figure A-5 CSRF test results on localhost  A-5
Figure A-6 Unvalidated Redirects and Forwards test results on localhost  A-6
Figure B-1 Injection test results on hosting with the HTTP protocol  B-1
Figure B-2 Broken authentication and session management test results on hosting with the HTTP protocol  B-2
Figure B-3 XSS test results on hosting with the HTTP protocol  B-3
Figure B-4 Insecure Direct Object References test results on hosting with the HTTP protocol  B-4
Figure B-5 CSRF test results on hosting with the HTTP protocol  B-5
Figure B-6 Unvalidated Redirects and Forwards test results on hosting with the HTTP protocol  B-6
Figure C-1 Injection test results on hosting with the HTTPS protocol  C-1
Figure C-2 Broken authentication and session management test results on hosting with the HTTPS protocol  C-2
Figure C-3 XSS test results on hosting with the HTTPS protocol  C-3
Figure C-4 Insecure Direct Object References test results on hosting with the HTTPS protocol  C-4
Figure C-5 CSRF test results on hosting with the HTTPS protocol  C-5
Figure C-6 Unvalidated Redirects and Forwards test results on hosting with the HTTPS protocol  C-6
LIST OF APPENDICES
Figure A-1 Injection test results on localhost  A-1
Figure A-2 Broken authentication and session management test results on localhost  A-2
Figure A-3 XSS test results on localhost  A-3
Figure A-4 Insecure Direct Object References test results on localhost  A-4
Figure A-5 CSRF test results on localhost  A-5
Figure A-6 Unvalidated Redirects and Forwards test results on localhost  A-6
Figure B-1 Injection test results on hosting with the HTTP protocol  B-1
Figure B-2 Broken authentication and session management test results on hosting with the HTTP protocol  B-2
Figure B-3 XSS test results on hosting with the HTTP protocol  B-3
Figure B-4 Insecure Direct Object References test results on hosting with the HTTP protocol  B-4
Figure B-5 CSRF test results on hosting with the HTTP protocol  B-5
Figure B-6 Unvalidated Redirects and Forwards test results on hosting with the HTTP protocol  B-6
Figure C-1 Injection test results on hosting with the HTTPS protocol  C-1
Figure C-2 Broken authentication and session management test results on hosting with the HTTPS protocol  C-2
Figure C-3 XSS test results on hosting with the HTTPS protocol  C-3
Figure C-4 Insecure Direct Object References test results on hosting with the HTTPS protocol  C-4
Figure C-5 CSRF test results on hosting with the HTTPS protocol  C-5
Figure C-6 Unvalidated Redirects and Forwards test results on hosting with the HTTPS protocol  C-6