•  
  •  
 

Palestinian Journal for Open Learning & e-Learning

Palestinian Journal for Open Learning & e-Learning

Abstract

This research deals with the issue of (Sql injection in MOODLE whichused in the Open University of Sudan) . It includes three frameworks: thefirst is the general framework of the research, which consists of the researchproblem, objectives, importance, hypotheses and procedures of the research;the second discusses the theoretical framework of research, which includesthe E- Learning in the Open University of Sudan, MOODLE, Sql Injectionand the previous studies, and finally, is the practical framework where theresearcher writes the vulnerabilities and loopholes in MOODLE code. At theend of the research, the researcher discusses the results and recommendations.This research aims to find out how the presence of sql injection threatsin the core of MOODLE code and the possibility of patching these threats toprevent the hacking of the system and protect the data therein. The researchfound out two of the software vulnerabilities and loopholes in MOODLEcode, sql injection and blind sql injection. Eventually the researcher patchedthese vulnerabilities through using a practical approach, which depend onthe researcher experience in dealing with MOODLE and PHP programminglanguage, as well as using the Acunetix Web Vulnerability Scanner tool. Thestudy was applied to the Open University of Sudan, Khartoum region website, where MOODLE is used as a main platform.

Share

COinS