SQL Injection Vulnerabilities Analysis Using SQLMAP

Abstract

To keep up with the global pace of digitalization, developing countries, like developed countries, are providing services to their citizens through various online portals, web applications, and web sites. When it comes to a web application, cybersecurity is one of the most discussed topics, and protecting the confidentiality and integrity of data has become critical. Unfortunately, many of those web-based services are vulnerable to serious security threats as a result of a lack of consideration for vulnerability issues during the development phase. Vulnerability statistics are required for these developing countries to gain insight into the current security status of the web services provided. SQLi is one of the most common techniques used by hackers to exploit a security flaw in a web application. In this paper, we used Sqlmap to detect SQLi vulnerabilities in Bangladeshi websites. We conducted the survey for 150 Bangladeshi websites because the country has been focusing on digitalization of government services for the last few years and already provides a variety of online services to its citizens. Among the 150 websites from various categories, the results show that the majority of them are vulnerable to error-based SQL Injection.