20 Oktober 2008

Daftar Pemilik dan Server Situs

Sebagai bagian dari Tugas Mata Kuliah Keamanan Informasi Sistem Lanjut, saya telah melakukan pencarian nama pemilik/pengelola situs detik.com, okezone.com, dan itb.ac.id serta mencari name server, mail server, dan IP address dari masing-masing website tersebut.

Pencarian terhadap nama pemilik domain detik.com, okezone.com, dan ITB.ac.id saya lakukan dengan menggunakan aplikasi projectwhois dari http://www.domaintools.com/. Data pemilik domain tersebut adalah sebagai berikut:

1. Detik.com

Registrant:
Siberkom, PT. Agranet Multicitra
Aldevco Octagon Building lt 2
Jl. Warung Buncit Raya 75
Jakarta, DKI Jakarta 12740
ID

Domain Name: DETIK.COM
Inetnum: 202.158.66.0 - 202.158.66.255
Netname: CBN-DETIK NETBLOCK
Description:
DetikCom
Aldevco Octagon Building - Lantai 2
Jl. Warung Buncit Raya No.75
Jakarta Selatan 12740
Country: ID
Admin-c: CH57-AP
Tech-c: CH57-AP
Mnt-by: NOC-MAINT-CBN-APNIC
Status: ASSIGNED NON-PORTABLE
Changed: 20060619
Source: APNIC
Person: CBNnet Hostmaster
nic-hdl: CH57-AP
e-mail:
Address: PT. Cyberindo Aditama
Manggala Wanabakti IV 6th Floor
Jl. Gatot Subroto, Senayan
Jakarta 10270 - Indonesia
Phone: +62-21-5799-4500
Fax: +62-21-574-2481
Country: ID
Changed: 18-05-2006
Mnt-by: NOC-MAINT-CBN-APNIC
Source: APNIC

2. Okezone.com

Registrant :
MNC ONLINE
Jl. Kebon Sirih 17-19
Jakarta
Jakarta, DKI Jakarta 10340
ID
Domain Name : OKEZONE.COM
Inetnum: 202.147.192.0 - 202.147.207.255
Netname: INFOKOM
Description:
Infokom Elektrindo, Inc
Telecommunication and Information Provider
Jakarta
Country: ID
Admin-c: IA11-AP
Tech-c: IH14-AP
Mnt-by: MNT-APJII-ID
Mnt-lower: MAINT-ID-INFOKOM
Changed: 30-09-2002
Changed: 31-12-2002
Changed: 13-02-2004
Status: ALLOCATED PORTABLE
Remarks: spam and abuse report : ,
Source: APNIC
Role: INFOKOM ADMIN
Address: PT Infokom Eletrindo
Bimantara Building 26th floor
Jl. Kebun Sirih
Jakarta Pusat
Country: ID
Phone: +62-21-3929925
Fax: +62-21-3929935
e-mail:
Trouble: spam and abuse report :
Trouble: technical and routing :
Trouble: administrative request :
Admin-c: MH42-AP
Tech-c: MH42-AP
nic-hdl: IA11-AP
Remarks: Infokom Admin role object
Notify:
Mnt-by: MAINT-ID-INFOKOM
Changed: 21-01-2004
Source: APNIC
role: INFOKOM HOSTMASTERS
Address: PT Infokom Eletrindo
Elektrindo Building 10th floor
Jl. Kuningan Barat 8
Jakarta 12710
Country: ID
phone: +62-21-526-0610
Fax: +62-21-526-0620
e-mail:
Trouble: spam and abuse report :
Trouble: technical and routing :
Trouble: hostmasters :
Admin-c: MH42-AP
Tech-c: MH42-AP
nic-hdl: IH14-AP
Remarks: Infokom hostmasters role object
Notify:
Mnt-by: MAINT-ID-INFOKOM
Changed: 21-01-2004
Source: APNIC

3. itb.ac.id

OrgName : Asia Pacific Network Information Centre Org
ID : APNIC
Address : PO Box 2131
City : MiltonState
Prov : QLD
Postal Code : 4064
Country : Australia

Referral Server: whois://whois.apnic.net
NetRange : 167.205.0.0 - 167.205.255.255
CIDR : 167.205.0.0/16
NetName : APNIC-ERX-167-205-0-0
NetHandle : NET-167-205-0-0-1
Parent : NET-167-0-0-0-0
NetType : Early Registrations, Transferred to APNIC

Comment : This IP address range is not registered in the ARIN database.
This range was transferred to the APNIC Whois Database as
part of the ERX (Early Registration Transfer) project.
For details, refer to the APNIC Whois Database via
WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl
** IMPORTANT NOTE: APNIC is the Regional Internet Registry
for the Asia Pacific region. APNIC does not operate networks
using this IP address range and is not able to investigate
spam or abuse reports relating to these addresses. For more
help, refer to http://www.apnic.net/info/faq/abuse
RegDate : 23-07-2003
Updated : 06-08-2003
OrgTechHandle : AWC12-ARIN
OrgTechName : APNIC

Whois Contact
OrgTechPhone : +61 7 3858 3188
OrgTechEmail :

== Additional Information From whois://whois.apnic.net ==


Inetnum : 167.205.0.0 - 167.205.255.255
Netname : BANDUNG-NETDescription : Institut Teknologi Bandung
Jl. Ganesha 10
Bandung 40132
Country : ID
Admin-c : IA20-AP
Tech-c : BS121-AP, AB281-AP
Status : ALLOCATED PORTABLE
Mnt-by : APNIC-HM
Mnt-lower : MAINT-ID-ITB
Changed : 14-09-2006
Changed : 15-09-2006
Source : APNIC

Person : Intan Ahmad
Address : ITB.NET
PT Jala Widya Caraka
Sekretariat AIII-ITB, IUC Building 4th. Floor
Jl. Ganesha 10 Bandung 40132
Country : ID
Phone : +62-22-251-2982
Fax : +62-22-251-2982
e-mail:
nic-hdl : IA20-AP
Mnt-by : MAINT-ID-ITBNET
Changed : 31-10-2001
Source : APNIC

Person : Basuki Suhardiman
Address : ITB.NET
PT Jala Widya Caraka
Sekretariat AIII-ITB, IUC Building 4th Floor
Jl. Ganesha 10 Bandung 40132
Country : ID
Phone : +62-22-251-2982
Fax : +62-22-251-2982
e-mail:
nic-hdl : BS121-AP
Mnt-by : MAINT-ID-ITBNET
Changed : 05-06-2002
Source : APNIC

Person : Affan Basalamah
nic-hdl : AB281-AP
e-mail:
Address : Sekretariat AIII-ITB, IUC Building 4th. Floor
Jl. Ganesha 10 Bandung 40132
Phone : +62-22-2512982
Fax : +62-22-2512982
Country : ID
Changed : 12-09-2006
Mnt-by : MAINT-ID-ITB
Source : APNIC

Pencarian terhadap name server, mail server, dan IP address saya lakukan dengan menggunakan engine dari http://www.emailstuff.org/. Adapun hasil yang saya peroleh adalah sebagai berikut:

1. Detik.com

Name Server & IP:
ns1.duniadetik.com 202.158.66.130
agra1.duniadetik.com 203.190.241.131
ns1.detik.net.id 202.158.66.17

Mail Server:
mail3.agrakom.com

IP Address:
202.158.66.94
202.158.66.190
203.190.241.41
203.190.241.43
203.190.241.166
202.158.66.20
202.158.66.86


2. Okezone.com
Name Server & IP:
ns2.okezone.com 202.147.200.135
ns3.okezone.com 202.147.200.136

Mail Server:
mx1.okezone.com

IP Address:
202.147.200.133

3. itb.ac.id

Name Server & IP:
ns1.itb.ac.id 202.249.24.65
ns2.itb.ac.id 167.205.22.123

ns1.parokinet.org 64.105.20.250

Mail Server:
mx1.itb.ac.id
mx2.itb.ac.id

IP Address:
167.205.108.136


Khusus untuk mencari subdomain di bawah itb.ac.id, saya menggunakan engine multiple dns lookup dari http://www.bankes.com/nslookup.htm.

Tampilan dari hasil pencarian tersebut adalah sebagai berikut:













Dari pencarian tersebut dapat diperoleh sekitar 813 nama subdomain. Sebagian besar nama sub domain mengarah ke lebih dari satu server dan beberapa sub domain digunakan untuk membuat sub domain lain di bawahnya. Untuk mengurangi subdomain yang ganda dan subdomain yang ada di bawah subdomain dilakukan penyaringan dengan menggunakan aplikasi sederhana. Dari hasil penyaringan tersebut dapat diperoleh 407 subdomain yang berada langsung di bawah itb.ac.id.
Adapun nama-nama subdomain itb.ac.id yang telah saya saring adalah sebagai berikut:
1. 8eh.itb.ac.id.
2. academic.itb.ac.id.
3. ae.itb.ac.id.
4. ai3.itb.ac.id.
5. akademik.itb.ac.id.
6. alumni.itb.ac.id.
7. angket-online.itb.ac.id.
8. antivirus.itb.ac.id.
9. antivirus-slb.itb.ac.id.
10. antivirus2.itb.ac.id.
11. apache2006.itb.ac.id.
12. apccas2002.itb.ac.id.
13. ar.itb.ac.id.
14. arc.itb.ac.id.
15. art.itb.ac.id.
16. as.itb.ac.id.
17. astronomi.itb.ac.id.
18. astronomy.itb.ac.id.
19. aula-tmr.itb.ac.id.
20. avist.itb.ac.id.
21. baak.itb.ac.id.
22. backup-mx.itb.ac.id.
23. bangda.itb.ac.id.
24. berkala.itb.ac.id.
25. bi.itb.ac.id.
26. billing.itb.ac.id.
27. billing-ng.itb.ac.id.
28. biomed.itb.ac.id.
29. biostrat.itb.ac.id.
30. biotech.itb.ac.id.
31. blogs.itb.ac.id.
32. bmg.itb.ac.id.
33. bosscha.itb.ac.id.
34. builder.itb.ac.id.
35. cache.itb.ac.id.
36. cache-en.itb.ac.id.
37. cache-ien.itb.ac.id.
38. cache1.itb.ac.id.
39. cache2.itb.ac.id.
40. cache3.itb.ac.id.
41. cache4.itb.ac.id.
42. cache5.itb.ac.id.
43. calonadmin.itb.ac.id.
44. cam.itb.ac.id.
45. campuschannel.itb.ac.id.
46. cas.itb.ac.id.
47. cbsed.itb.ac.id.
48. ccar.itb.ac.id.
49. che.itb.ac.id.
50. chem.itb.ac.id.
51. cintaitb.itb.ac.id.
52. cisco-dial.itb.ac.id.
53. cisco-dialin1.itb.ac.id.
54. cisco-dialin10.itb.ac.id.
55. cisco-dialin11.itb.ac.id.
56. cisco-dialin12.itb.ac.id.
57. cisco-dialin13.itb.ac.id.
58. cisco-dialin14.itb.ac.id.
59. cisco-dialin2.itb.ac.id.
60. cisco-dialin3.itb.ac.id.
61. cisco-dialin4.itb.ac.id.
62. cisco-dialin5.itb.ac.id.
63. cisco-dialin6.itb.ac.id.
64. cisco-dialin7.itb.ac.id.
65. cisco-dialin8.itb.ac.id.
66. cisco-dialin9.itb.ac.id.
67. cisco-en.itb.ac.id.
68. cisco-en-en.itb.ac.id.
69. cisco-itb-telkom.itb.ac.id.
70. cnrg.itb.ac.id.
71. cnrg-lib.itb.ac.id.
72. cnrg1.itb.ac.id.
73. cnrglab.itb.ac.id.
74. comlabs.itb.ac.id.
75. conference.itb.ac.id.
76. course.itb.ac.id.
77. cre.itb.ac.id.
78. crep.itb.ac.id.
79. crs.itb.ac.id.
80. cvsup.itb.ac.id.
81. cyberlib.itb.ac.id.
82. da.itb.ac.id.
83. datacenter.itb.ac.id.
84. db.itb.ac.id.
85. dcpusat.itb.ac.id.
86. devel.itb.ac.id.
87. devlabs.itb.ac.id.
88. dirdikpp.itb.ac.id.
89. distancE-courses.itb.ac.id.
90. distantlearning.itb.ac.id.
91. ditdik.itb.ac.id.
92. ditkeu.itb.ac.id.
93. dkv.itb.ac.id.
94. dl.itb.ac.id.
95. dlo.itb.ac.id.
96. dlomail.itb.ac.id.
97. dp.itb.ac.id.
98. ebs.itb.ac.id.
99. ee.itb.ac.id.
100. eii.itb.ac.id.
101. eis.itb.ac.id.
102. ejournal.itb.ac.id.
103. el92.itb.ac.id.
104. epsdl.itb.ac.id.
105. ezmlm-web.itb.ac.id.
106. fa.itb.ac.id.
107. faraday.itb.ac.id.
108. fi.itb.ac.id.
109. fitb.itb.ac.id.
110. fmb.itb.ac.id.
111. fmipa.itb.ac.id.
112. forum.itb.ac.id.
113. fsrd.itb.ac.id.
114. fti.itb.ac.id.
115. ftmd.itb.ac.id.
116. ftp.itb.ac.id.
117. ftsl.itb.ac.id.
118. ftsp.itb.ac.id.
119. fttm.itb.ac.id.
120. gallery.itb.ac.id.
121. gamais.itb.ac.id.
122. ganeca2.itb.ac.id.
123. ganechat.itb.ac.id.
124. ganesha.itb.ac.id.
125. ganeshatv.itb.ac.id.
126. gate-vhf.itb.ac.id.
127. gc.itb.ac.id.
128. gcca.itb.ac.id.
129. gd.itb.ac.id.
130. gdl.itb.ac.id.
131. geoph.itb.ac.id.
132. gerbang.itb.ac.id.
133. gf.itb.ac.id.
134. graphics.itb.ac.id.
135. groups.itb.ac.id.
136. gw-hf.itb.ac.id.
137. gw-paume.itb.ac.id.
138. hayati.itb.ac.id.
139. hitbox.itb.ac.id.
140. hosting.itb.ac.id.
141. humas.itb.ac.id.
142. hydraulic.itb.ac.id.
143. icpco2007.itb.ac.id.
144. ictmp.itb.ac.id.
145. idln.itb.ac.id.
146. ied.itb.ac.id.
147. if.itb.ac.id.
148. IIE.itb.ac.id.
149. iiwas2002.itb.ac.id.
150. im.itb.ac.id.
151. imhere.itb.ac.id.
152. ims.itb.ac.id.
153. indonesia-itb-ether.itb.ac.id.
154. inkubator.itb.ac.id.
155. ins.itb.ac.id.
156. instrument.itb.ac.id.
157. interior.itb.ac.id.
158. iom.itb.ac.id.
159. ipr.itb.ac.id.
160. ipv6.itb.ac.id.
161. isnet.itb.ac.id.
162. isrg.itb.ac.id.
163. itb-bgp-2.itb.ac.id.
164. ITB-bosscha.itb.ac.id.
165. itb-inherent.itb.ac.id.
166. itb-isat.itb.ac.id.
167. ITB-Jalawave.itb.ac.id.
168. itb-tein2.itb.ac.id.
169. itb-tunnel.itb.ac.id.
170. itbgtw.itb.ac.id.
171. itforum.itb.ac.id.
172. jaktri.itb.ac.id.
173. kabinet-km.itb.ac.id.
174. kaderisasi-admin.itb.ac.id.
175. kamus.itb.ac.id.
176. kantorwrma.itb.ac.id.
177. kealumnian.itb.ac.id.
178. kemitraan.itb.ac.id.
179. kepegawaian.itb.ac.id.
180. kkp.itb.ac.id.
181. km.itb.ac.id.
182. kmrg.itb.ac.id.
183. kolaborasi.itb.ac.id.
184. koperasi.itb.ac.id.
185. kppmb.itb.ac.id.
186. kppwk.itb.ac.id.
187. kria-sr.itb.ac.id.
188. kuliah.itb.ac.id.
189. lapi.itb.ac.id.
190. lc.itb.ac.id.
191. ldap.itb.ac.id.
192. ldap-ng.itb.ac.id.
193. ldap-tes.itb.ac.id.
194. lfd.itb.ac.id.
195. lib.itb.ac.id.
196. library.itb.ac.id.
197. linux.itb.ac.id.
198. lms-inherent.itb.ac.id.
199. localhost.itb.ac.id.
200. loedroek.itb.ac.id.
201. logger.itb.ac.id.
202. logger-ng.itb.ac.id.
203. login.itb.ac.id.
204. logistik.itb.ac.id.
205. lp.itb.ac.id.
206. lpadrc.itb.ac.id.
207. lpkm.itb.ac.id.
208. lpm.itb.ac.id.
209. lppm.itb.ac.id.
210. lss.itb.ac.id.
211. lumbung1.itb.ac.id.
212. mailadm.itb.ac.id.
213. maisy.itb.ac.id.
214. maroon.itb.ac.id.
215. material.itb.ac.id.
216. math.itb.ac.id.
217. maxwell.itb.ac.id.
218. mba.itb.ac.id.
219. mcp-books.itb.ac.id.
220. mesin.itb.ac.id.
221. metallurgy.itb.ac.id.
222. mgb.itb.ac.id.
223. Mgmt.itb.ac.id.
224. mic.itb.ac.id.
225. mining.itb.ac.id.
226. mirror.itb.ac.id.
227. mlearning.itb.ac.id.
228. mm.itb.ac.id.
229. monitoring.itb.ac.id.
230. monitoringv2.itb.ac.id.
231. ms.itb.ac.id.
232. mti.itb.ac.id.
233. multimedia.itb.ac.id.
234. mx.itb.ac.id.
235. mx-in.itb.ac.id.
236. mx0.itb.ac.id.
237. mx1.itb.ac.id.
238. mx2.itb.ac.id.
239. mx3.itb.ac.id.
240. mx4.itb.ac.id.
241. mx5.itb.ac.id.
242. mx6.itb.ac.id.
243. nic.itb.ac.id.
244. nic-ng.itb.ac.id.
245. nicadm.itb.ac.id.
246. nii.itb.ac.id.
247. ninja-hattori.itb.ac.id.
248. noc-ccar.itb.ac.id.
249. noc-sps.itb.ac.id.
250. ns-new.itb.ac.id.
251. ns1.itb.ac.id.
252. ns2.itb.ac.id.
253. ns3.itb.ac.id.
254. nt.itb.ac.id.
255. ntp.itb.ac.id.
256. ocean.itb.ac.id.
257. oceanography.itb.ac.id.
258. oecd.itb.ac.id.
259. ohu2007.itb.ac.id.
260. old-ganesha.itb.ac.id.
261. olimpiade2007.itb.ac.id.
262. opencores.itb.ac.id.
263. openims.itb.ac.id.
264. order.itb.ac.id.
265. packetscanner.itb.ac.id.
266. pantheon.itb.ac.id.
267. pau-router.itb.ac.id.
268. paubt.itb.ac.id.
269. pauir.itb.ac.id.
270. paume.itb.ac.id.
271. pcd.itb.ac.id.
272. penerbit.itb.ac.id.
273. perencanaan.itb.ac.id.
274. petakampus.itb.ac.id.
275. phys.itb.ac.id.
276. pilihrektor.itb.ac.id.
277. pinri.itb.ac.id.
278. pl.itb.ac.id.
279. placeof.itb.ac.id.
280. plesk.itb.ac.id.
281. pmo.itb.ac.id.
282. pn.itb.ac.id.
283. portal.itb.ac.id.
284. poss.itb.ac.id.
285. power.itb.ac.id.
286. powernoc.itb.ac.id.
287. ppk.itb.ac.id.
288. ppkpl.itb.ac.id.
289. ppms.itb.ac.id.
290. pps.itb.ac.id.
291. ppt.itb.ac.id.
292. pptik.itb.ac.id.
293. premium.itb.ac.id.
294. pringgapuk.itb.ac.id.
295. profil-kaderisasi.itb.ac.id.
296. prohil.itb.ac.id.
297. proyek.itb.ac.id.
298. psda.itb.ac.id.
299. psdi.itb.ac.id.
300. pusat.itb.ac.id.
301. pusat-lama.itb.ac.id.
302. pusat2.itb.ac.id.
303. puslog.itb.ac.id.
304. pwk.itb.ac.id.
305. R11.itb.ac.id.
306. ra02.itb.ac.id.
307. ra11.itb.ac.id.
308. RA12.itb.ac.id.
309. ra13.itb.ac.id.
310. ra5.itb.ac.id.
311. radio-net.itb.ac.id.
312. rbl.itb.ac.id.
313. rbn.itb.ac.id.
314. rbn1.itb.ac.id.
315. rbn2.itb.ac.id.
316. register.itb.ac.id.
317. relasialumni.itb.ac.id.
318. rict.itb.ac.id.
319. sa.itb.ac.id.
320. sac-en.itb.ac.id.
321. salman.itb.ac.id.
322. samba.itb.ac.id.
323. sampoernasbm.itb.ac.id.
324. sappk.itb.ac.id.
325. satpam.itb.ac.id.
326. sbm.itb.ac.id.
327. scout.itb.ac.id.
328. sdm.itb.ac.id.
329. server3.itb.ac.id.
330. si.itb.ac.id.
331. sia.itb.ac.id.
332. sibf2008.itb.ac.id.
333. singalodra.itb.ac.id.
334. sipx.itb.ac.id.
335. sisfoperencanaan.itb.ac.id.
336. siskeu.itb.ac.id.
337. siskeu01.itb.ac.id.
338. sismik.itb.ac.id.
339. sispran.itb.ac.id.
340. sispran2.itb.ac.id.
341. sith.itb.ac.id.
342. skd.itb.ac.id.
343. snmptn.itb.ac.id.
344. soi.itb.ac.id.
345. soi-proxy.itb.ac.id.
346. soi-router.itb.ac.id.
347. soi-server.itb.ac.id.
348. sostek.itb.ac.id.
349. sp.itb.ac.id.
350. spe.itb.ac.id.
351. spns.itb.ac.id.
352. stat.itb.ac.id.
353. stei.itb.ac.id.
354. students.itb.ac.id.
355. students-ng.itb.ac.id.
356. suk.itb.ac.id.
357. svnserver.itb.ac.id.
358. sysapp.itb.ac.id.
359. TeknologiInformasi.itb.ac.id.
360. telekomunikasi.itb.ac.id.
361. telekomunikasi.itb.ac.id.
362. telematic.itb.ac.id.
363. tf.itb.ac.id.
364. thinclient.itb.ac.id.
365. ti.itb.ac.id.
366. tl.itb.ac.id.
367. tm.itb.ac.id.
368. tpb.itb.ac.id.
369. transport.itb.ac.id.
370. uka.itb.ac.id.
371. ukp.itb.ac.id.
372. unisispran.itb.ac.id.
373. unit.itb.ac.id.
374. upi.itb.ac.id.
375. uptor.itb.ac.id.
376. usdi.itb.ac.id.
377. usdi-imhere.itb.ac.id.
378. usdi-reps.itb.ac.id.
379. vclass.itb.ac.id.
380. vic-rat.itb.ac.id.
381. video.itb.ac.id.
382. virtual-university.itb.ac.id.
383. vlsi.itb.ac.id.
384. voip.itb.ac.id.
385. vpn.itb.ac.id.
386. waveLAN-disnak.itb.ac.id.
387. WaveLAN-DisNak-ITB.itb.ac.id.
388. wavelan-ikip.itb.ac.id.
389. WaveLAN-ITB-Lapan.itb.ac.id.
390. WaveLAN-ITB-midc.itb.ac.id.
391. waveLAN-ITB-RadNet.itb.ac.id.
392. WaveLAN-ITB-Unisba.itb.ac.id.
393. waveLAN-RadNet-ITB.itb.ac.id.
394. waveLAN-ypkp.itb.ac.id.
395. webhosting.itb.ac.id.
396. webkampus.itb.ac.id.
397. webservices-sispran.itb.ac.id.
398. whois.itb.ac.id.
399. wiki.itb.ac.id.
400. windowsupdate.itb.ac.id.
401. wrks.itb.ac.id.
402. wrm.itb.ac.id.
403. www.itb.ac.id.
404. www1.itb.ac.id.
405. x.itb.ac.id.
406. xxx.itb.ac.id.
407. zimbra.itb.ac.id.
Diposting oleh di Tidak ada komentar:

Program Error

Sehubungan dengan tugas Mata Kuliah Keamanan Informasi Sistem Lanjut, saya telah membuat sebuah aplikasi login berbasis web menggunakan ASP dan database Microsoft Access. Aplikasi tersebut terdiri dari 5 (lima) buah file ASP, yaitu:
1. create.asp
2. default.asp
3. login.asp
4. logout.asp
5. verify.asp
Saya membuat aplikasi dengan referensi yang saya peroleh dari http://www.planet-source-code.com/.
Berikut ini adalah source code dari masing-masing file asp:


1. file create.asp:

<%
Username = Request.Form("txtUsername")
Password = Request.Form("txtPassword")
Fullname = Request.Form("txtFullname")

if Username = "" then Response.redirect("login.asp?login=createnamefailed")
if Password = "" then Response.Redirect("login.asp?login=createpassfailed")

set conn = server.CreateObject ("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath ("users.mdb")
set rs = server.CreateObject ("ADODB.Recordset")

rs.Open "SELECT * FROM userlist", conn, 3, 3

do while not rs.EOF
if rs("username")=Username then
set rs=nothing
set conn=nothing
Response.Redirect("login.asp?login=createnamefailed")
end if
rs.MoveNext

loop
rs.AddNew
rs("username")=Username
rs("password")=Password
rs("fullname")=Fullname

rs.Update

set rs=nothing
set conn=nothing

Response.Redirect("login.asp?login=creatednew")
%>

2. file default.asp:

<%
if Session("name") = "" then
Response.Redirect("login.asp")
else
Response.Write("<title>ASP Page</title>")
Response.write("<center>Selamat Datang " & Session("name") & "<br><a href=logout.asp>Logout</a></center>")
end if
%>

3. file login.asp:
<%
BackgroundColor="#C9DDB3"
BorderColor="#006600"
Content = ""
QStr = Request.QueryString("login")
if ucase(left(QStr,6))="CREATE" then
Title = "Register"
else
Title = "Login"
end if
if QStr="passfailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Salah password</P><A href=Javascript:history.go(-1)>Back</A></td></tr>"
elseif
QStr="createpassfailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Salah password</P><A href=Javascript:history.go(-1)>Back</A><BR><BR><A HREF=login.asp>Batalkan registrasi</A></td></tr>"
elseif
QStr="namefailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Invalid Username</P><A HREF=login.asp?login=createnew>Klik di Sini Untuk Membuat Account</A><BR><BR><A HREF=Javascript:history.go(-1)>Back</A></td></tr>"
elseif
QStr="createnamefailed" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Invalid Username</P><A HREF=Javascript:history.go(-1)>Back</A><BR><BR><A HREF=login.asp>Batalkan registrasi</A></td></tr>"
elseif
QStr="creatednew" then
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><P>Account Anda Telah Selesai Dibuat</P><A HREF=login.asp>Login</A></td></tr>"
elseif
QStr="createnew" then
Content = Content & "<form name=frmCreate method=POST action=create.asp>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Username: <input type=text name=txtUsername></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center>Password: <input type=password name=txtPassword></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Fullname: <input type=text name=txtFullname></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><input type=submit name=cmdSubmit value=Register></td></tr>"
Content = Content & "</form>"
else
Content = Content & "<form name=frmMain method=POST action=verify.asp>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><br>Username: <input type=text name=txtUsername></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center>Password: <input type=password name=txtPassword></td></tr>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><input type=submit name=cmdSubmit value=Login></td></tr>"
Content = Content & "</form>"
Content = Content & "<tr><td valign=top bordercolor="& BackgroundColor &" align=center><A HREF=login.asp?login=createnew>Klik di Sini Untuk Membuat Account</A></td></tr>"
end if
%>
<head>
<title>ASP Login</title>
</head>
<body link="<% Response.Write(BorderColor) %>" vlink="<% Response.Write(BorderColor) %>" alink="<% Response.Write(BorderColor) %>" text="<% Response.Write(BorderColor) %>"><
br>
<div align="center"> <
table border="2" cellspacing="5" bgcolor="<% Response.Write(BackgroundColor) %>" bordercolor="<% Response.Write(BorderColor) %>"width="250px">
<%
Response.Write("<tr><td valign=top align=center><b>" & Title & "</b></td></tr>")
Response.Write(Content) %>
</table>
</div>
</body>

4. file logout.asp:

<%
Session("name")=""
Response.Redirect("login.asp")
%>

5. file verify.asp:

<%
Username = Request.Form("txtUsername")
Password = Request.Form("txtPassword")
set conn = server.CreateObject ("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath ("users.mdb")
set rs = server.CreateObject ("ADODB.Recordset")
rs.Open "SELECT * FROM userlist where username='"& Username &"'", conn, 1
If rs.recordcount = 0 then
rs.close
conn.close
set rs=nothing
set conn=nothing
Response.Redirect("login.asp?login=namefailed")
end if
if rs("password") = Password then
Session("name") = rs("fullname")
rs.Close
conn.Close
set rs=nothing
set conn=nothing
Response.Redirect("default.asp")
else
rs.Close
conn.Close
set rs=nothing
set conn=nothing
Response.Redirect("login.asp?login=passfailed")
end if
%>


Sedangkan untuk table-nya (userlist) menggunakan database Microsoft Access dengan format tabel sebagai berikut:
Field Data Type
username Text
password Text
fullname Text


Aplikasi tersebut akan error apabila kita melakukan sql injection pada menu login. Sebagai contoh: kita mengetikkan ‘or 1=1-- atau 'having 1=1-- pada form isian username dan password lalu meng-klik login maka aplikasi tersebut akan memunculkan halaman error.

Tampilan awal saat pengetikan username dan password pada menu login:














Tampilan berikutnya saat menu login dieksekusi dengan meng-klik icon login:

Diposting oleh di Tidak ada komentar:
Langganan: Postingan (Atom)