查看文章

Penetration testing on a website is discussed in this paper, in order to discover security vulnerabilities that may exist. The test is performed against a library CMS website, hosted in the same LAN with the attacker machine. The website is implemented using PHP and MySQL database, whereas sophisticated tools from the BackTrack 5 R3 Operating System are used for testing purposes. In addition to discovered vulnerabilities, some suggestions on improving website security are considered, as well.