Collaborate Disseminate
BurpSuite marked a website I am testing with having a potential LDAP injection vulnerability. It seems that when I put an asterisk in a parameter ex. getStuff?id=* I get a 500 error and Java error output. When I set it to something normal … Continue reading How to exploit LDAP injection?
In an application I was assessing, I found an interesting piece of code that took my attacker-supplied input and put it into the bindDN while preparing to connect to an LDAP server.
[USERNAME]@domain.com
Specifically, I ca… Continue reading Partially controlling LDAP BindDN parameter
I am currently learning website penetration testing with bWAPP. I’m having great difficulties setting up bWAPP for LDAP Injection attacks. My main issue is setting up the attack here is a screenshot of my lab.
I have tried… Continue reading bWAPP LDAP Injection
I found this paper which explains pretty well LDAP injection, and I have a question about a particular injection.
The paper supposes that a query filter is built as follow (cf. page 5) :
(&(USER = Uname) (PASSWORD = Pwd)… Continue reading Is my LDAP injection correct?
Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials. Continue reading Joomla Patches Eight-Year-Old LDAP Injection Vulnerability
In the following C# example I’m querying AD’s configuration container for Exchange overrides. If the domain name in unsanitised the end user could get LDAP to read a different object then intended.
I’m not sure if other actions other th… Continue reading How do I sanitize LDAP input and prevent injection attacks? What LDAP injection scenarios are possible?