Vulnerability analysis with SQLMAP applied to APEX 5 environments

Main Article Content

Esteban Crespo-Martinez https://orcid.org/0000-0002-3061-9045

Abstract

Databases are usually the main targets of an attack, specifically for the information that they store, since, according to Druker, information is power. In this work vulnerability tests are performed of the database of an ERP software developed in APEX 5. For this purpose, FOSS tools are used to test and analyze vulnerabilities of databases, identifying that sessions used by ERP based on Oracle APEX are carried out randomly, and besides are generated again at particular times. It is therefore concluded that, with the tests applied and the updates of SQLMAP to the date of the experiment, it has not been possible to vulnerate the ERP software with SQL injection techniques.