WebShell implementation and modification for website-based attack monitoring

  • Paulus Miki Resa Gumilang, Teknik Informatika, Fakultas Teknologi Informasi, Universitas Kristen Satya Wacana
  • Dian Widiyanto Chandra, Fakultas Teknologi Informasi, Universitas Kristen Satya Wacana

Keywords: backdoor, webshell, visualization, monitoring, logs

Abstract

A backdoor is code commonly used by hackers to gain illegal access to a web page. Backdoors, commonly called web shells, are currently used by hackers to attack web pages, but attacks that use a web shell are not always detected quickly; it can even take months to realize that a web shell has been embedded in a web page. To deal with this problem, we need an application that can quickly detect attacks carried out by embedding a web shell on a web page. The purpose of this research is to modify an existing web shell so that it can be monitored when hackers use it to attack a website. The monitoring process is carried out using a web page created by the author. The results of this study are expected to reduce losses arising from attacks carried out by hackers using a web shell.

Published
2021-07-19
How to Cite
Gumilang, P. M., & Chandra, D. (2021). WebShell implementation and modification for website-based attack monitoring. AITI, 18(1), 54-68. https://doi.org/10.24246/aiti.v18i1.54-68
Section
Articles