Assmigment 5 week 5-BD308-2481410985-Salman Hakiki

pertanyaan:

  1. Why is keeping software (like WordPress, Magento, etc.) and its plugins updated a critical security task?
  2. Explain the concept of input validation and how it can prevent attacks like SQL injection.
  3. What are the security risks of using weak or default passwords for application admin panels?

status: 100%

katerangan: saya sudah mengerjakan dengan baik dan benar

bukti:

1) Why updates are critical for security

Modern web platforms are large ecosystems with core software plus many third-party plugins, themes, and extensions. When vulnerabilities are discovered, developers typically release patches quickly. Attackers then reverse-engineer those fixes to identify unpatched systems.

2) Input validation and how it prevents SQL injection

Input validation is the process of checking and controlling data entered by users before it is processed by an application. It ensures that input matches expected formats, types, lengths, and values.A major threat it helps prevent is SQL injection, where attackers insert malicious SQL code into input fields (like login forms or search boxes). If the application directly includes that input in a database query, the attacker can manipulate the query.

3) Risks of weak or default admin passwords

Using weak or default passwords in application admin panels is one of the easiest ways attackers gain full control of a system.

The risks include:

Credential stuffing and brute force attacks: Automated tools rapidly try common passwords like “admin123” or leaked credential pairs from other breaches.

Default credential exploitation: Many systems ship with known default logins (e.g., admin/admin). Attackers routinely scan the internet for these.

Complete system takeover: Once inside an admin panel, attackers can modify content, install malicious plugins, create backdoors, or exfiltrate data.

Lateral movement: Compromised admin access often becomes a foothold for attacking connected services, databases, or servers.

Previous Post Previous Post
Newer Post Newer Post

Leave a comment