Questions tagged [ldap-injection]

6 questions
5 votes, 2 answers

How do I sanitize LDAP input and prevent injection attacks? What LDAP injection scenarios are possible?

In the following C# example I'm querying AD's configuration container for Exchange overrides. If the domain name is unsanitised, the end user could get LDAP to read a different object than intended. I'm not sure if other actions other than read are…
makerofthings7
2 votes, 2 answers

Vuln Web App which includes LDAP Injection?

I want to check several techniques for LDAP injection, but I cannot find a vulnerable application (like Webgoat, Hacme etc.) which uses LDAP injection. Do you know of any vulnerable web application which includes LDAP Injection? If not, do you know…
Boaz Tirosh
2 votes, 1 answer

Partially controlling LDAP BindDN parameter

In an application I was assessing, I found an interesting piece of code that took my attacker-supplied input and put it into the bindDN while preparing to connect to an LDAP server. [USERNAME]@domain.com Specifically, I can inject whatever I want…
Rob Gates
2 votes, 2 answers

C# LDAP Injection

Is the C# DirectoryEntry class vulnerable to LDAP injection from the parameters of its constructor? For example: DirectoryEntry de = new DirectoryEntry(path, username, txtPassword.Text, AuthenticationTypes.Secure); DirectorySearcher search = new…
overshadow
1 vote, 1 answer

How to exploit LDAP injection?

BurpSuite marked a website I am testing with having a potential LDAP injection vulnerability. It seems that when I put an asterisk in a parameter ex. getStuff?id=* I get a 500 error and Java error output. When I set it to something normal like 123 I…
0 votes, 1 answer

.net System.Security.Principal.WindowsPrincipal user namespace ldap injection

A recent scan of a .net web application detected an ldap injection vulnerability for a field that was used for a username assigned to an instance of a custom class named User. After stepping through the code, I found that the User instance was given…
tuson