SlideShare a Scribd company logo

LDAP Injection

NSConclave, profile picture
NSConclave

This document discusses LDAP injection, an attack where malicious code is inserted into a user input field to gain unauthorized access. It provides an overview of LDAP syntax and injection, demonstrating how an attacker can bypass authentication by closing parentheses in the username field. The document also notes LDAP injection can lead to privilege escalation and information disclosure. It recommends escaping special characters, using frameworks that encode LDAP queries, and applying least privilege to secure applications from LDAP injection.

Software
1 of 17
Downloaded 10 times
1
2
3
4
5
6
Most read
7
Most read
8
Most read
9
10
11
12
13
14
15
16
17
LDAP Injection Swapnil Jain Date: 28 April 2020
#Who Am I ● Security Analyst ● Twitter @swapnil_jn
Overview ● LDAP Injection ● Authentication Bypass ● Demo ● Impact ● Securing Applications against LDAP Injection
LDAP Injection The Lightweight Directory Access Protocol(LDAP) is used to store information about users hosts, and many other objects. LDAP injection is a type of attack on a web application where attackers place code in a user input field in an attempt to gain unauthorized access or information.
Basic LDAP Syntax Common Operators: ● “=” (equal to) ● & (logical and) ● | (logical or) ● ! (logical not) ● * (wildcard) Filter: ● (cn=sam) ● (cn=s*) ● (|(cn=s*)(cn=t*)) ● (&(cn=s*)(sn=*d))
Normal Working (&(cn=admin)(passwd=secret)) LDAP Server Admin authenticated
Authentication Bypass Username: admin)(&)), Password: ignored Web Server LDAP Server Directory Search AdminSet Cookie: PHPSESSIONID=admin
Test Case ● <input type="text" size=20 name="name">Enter the Username to search for</input> ● Searchfilter="(cn="+name+")" admin)(|(password=*) (cn=admin)(|(password=*) )
Authentication Bypass (Normal Request)
Payload Creation Original Request : http://10.90.100.50/ldap_lab/ldap/example2.php?name=hacker&password =hacker Payload : name=hacker)(cn=*))%00 Changed request: http://10.90.100.50/ldap_lab/ldap/example2.php?name=hacker)(cn=*))%0 0&password=hacker
Authentication Bypass(Contd.)
Information Disclosure
Information Disclosure(Contd.)
Impact ● Authentication bypass ● Privilege escalation ● Information disclosure
Countermeasures ● LDAP special characters are safely escaped, including at least ( ) ! | & * ● Use Frameworks that Automatically Protect from LDAP Injection ○ LINQ to Active Directory provides LDAP encoding when building LDAP queries. ● Least privilege
LDAP Injection
Thank You

More Related Content

PPTX
OWASP TOP 10 VULNERABILITIS
Null Bhubaneswar
 
PDF
Regular Expression Injection
NSConclave
 
PPTX
Sql injection
Zidh
 
PPTX
Sql injections - with example
Prateek Chauhan
 
PPTX
SQL Injection attack
Rayudu Babu
 
PPTX
Hunting for APT in network logs workshop presentation
OlehLevytskyi1
 
PDF
Sql Injection - Vulnerability and Security
Sandip Chaudhari
 
PPTX
Introduction to Malware Analysis
Andrew McNicol
 
OWASP TOP 10 VULNERABILITIS
Null Bhubaneswar
 
Regular Expression Injection
NSConclave
 
Sql injection
Zidh
 
Sql injections - with example
Prateek Chauhan
 
SQL Injection attack
Rayudu Babu
 
Hunting for APT in network logs workshop presentation
OlehLevytskyi1
 
Sql Injection - Vulnerability and Security
Sandip Chaudhari
 
Introduction to Malware Analysis
Andrew McNicol
 

What's hot (20)

PDF
Hacking With Nmap - Scanning Techniques
amiable_indian
 
PPTX
NETWORK PENETRATION TESTING
Er Vivek Rana
 
PDF
Cross site scripting
n|u - The Open Security Community
 
PPTX
SSRF exploit the trust relationship
n|u - The Open Security Community
 
PPTX
Apache web service
Manash Kumar Mondal
 
PDF
SSRF workshop
Ivan Novikov
 
PDF
Cross site scripting attacks and defenses
Mohammed A. Imran
 
PPTX
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
PPT
Sql injection
Nikunj Dhameliya
 
PDF
Introduction to Web Application Penetration Testing
Netsparker
 
PPTX
Understanding Cross-site Request Forgery
Daniel Miessler
 
PDF
How fun of privilege escalation Red Pill2017
Ammarit Thongthua ,CISSP CISM GXPN CSSLP CCNP
 
PPTX
Vulnérabilité des sites web
Said Sadik
 
PPTX
Web Exploitation Security
Aman Singh
 
PPTX
I hunt sys admins 2.0
Will Schroeder
 
PPT
LDAP
Khemnath Chauhan
 
PPTX
Trusts You Might Have Missed
Will Schroeder
 
PPTX
PSConfEU - Offensive Active Directory (With PowerShell!)
Will Schroeder
 
PDF
Sécurité des applications web: attaque et défense
Antonio Fontes
 
PPTX
Cross Site Scripting ( XSS)
Amit Tyagi
 
Hacking With Nmap - Scanning Techniques
amiable_indian
 
NETWORK PENETRATION TESTING
Er Vivek Rana
 
Cross site scripting
n|u - The Open Security Community
 
SSRF exploit the trust relationship
n|u - The Open Security Community
 
Apache web service
Manash Kumar Mondal
 
SSRF workshop
Ivan Novikov
 
Cross site scripting attacks and defenses
Mohammed A. Imran
 
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
Sql injection
Nikunj Dhameliya
 
Introduction to Web Application Penetration Testing
Netsparker
 
Understanding Cross-site Request Forgery
Daniel Miessler
 
How fun of privilege escalation Red Pill2017
Ammarit Thongthua ,CISSP CISM GXPN CSSLP CCNP
 
Vulnérabilité des sites web
Said Sadik
 
Web Exploitation Security
Aman Singh
 
I hunt sys admins 2.0
Will Schroeder
 
LDAP
Khemnath Chauhan
 
Trusts You Might Have Missed
Will Schroeder
 
PSConfEU - Offensive Active Directory (With PowerShell!)
Will Schroeder
 
Sécurité des applications web: attaque et défense
Antonio Fontes
 
Cross Site Scripting ( XSS)
Amit Tyagi
 
Ad

Similar to LDAP Injection (14)

PPTX
ldagwvwvbwbwvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvpinjection.pptx
VikasTuwar1
 
PPTX
Secure Code Warrior - LDAP injection
Secure Code Warrior
 
PPTX
Ldap injection
Sujay Gankidi
 
PDF
LDAP Injection & Blind LDAP Injection in Web Applications
Chema Alonso
 
PDF
LDAP Injections & Blind LDAP Injections Paper
E Hacking
 
PDF
LDAP Injection Techniques
Chema Alonso
 
PDF
introduction to ldap
Thevakumar Presanth
 
PPT
LDAP Injection & Blind LDAP Injection
Chema Alonso
 
PDF
Persistant Cookies and LDAP Injection
MaulikLakhani
 
PDF
Ldap 121020013604-phpapp01
SANE Ibrahima
 
PDF
Ldap introduction (eng)
Anatoliy Okhotnikov
 
PPT
AD & LDAP
Cynoteck Technology Solutions Private Limited
 
PDF
Do The Right Thing! How LDAP servers should help LDAP clients
LDAPCon
 
PDF
Practical-LDAP-and-Linux
Balaji Ravi
 
ldagwvwvbwbwvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvpinjection.pptx
VikasTuwar1
 
Secure Code Warrior - LDAP injection
Secure Code Warrior
 
Ldap injection
Sujay Gankidi
 
LDAP Injection & Blind LDAP Injection in Web Applications
Chema Alonso
 
LDAP Injections & Blind LDAP Injections Paper
E Hacking
 
LDAP Injection Techniques
Chema Alonso
 
introduction to ldap
Thevakumar Presanth
 
LDAP Injection & Blind LDAP Injection
Chema Alonso
 
Persistant Cookies and LDAP Injection
MaulikLakhani
 
Ldap 121020013604-phpapp01
SANE Ibrahima
 
Ldap introduction (eng)
Anatoliy Okhotnikov
 
AD & LDAP
Cynoteck Technology Solutions Private Limited
 
Do The Right Thing! How LDAP servers should help LDAP clients
LDAPCon
 
Practical-LDAP-and-Linux
Balaji Ravi
 
Ad

More from NSConclave (20)

PDF
RED-TEAM_Conclave
NSConclave
 
PPTX
Create a Custom Plugin in Burp Suite using the Extension
NSConclave
 
PPTX
IOT SECURITY ASSESSMENT Pentester's Approach
NSConclave
 
PPTX
Debugging Android Native Library
NSConclave
 
PPTX
Burp Suite Extension Development
NSConclave
 
PDF
Log Analysis
NSConclave
 
PDF
HTML5 Messaging (Post Message)
NSConclave
 
PDF
Node.js Deserialization
NSConclave
 
PDF
RIA Cross Domain Policy
NSConclave
 
PDF
Python Deserialization Attacks
NSConclave
 
PDF
Sandboxing
NSConclave
 
PDF
NoSql Injection
NSConclave
 
PDF
Thick Client Testing Advanced
NSConclave
 
PDF
Thick Client Testing Basics
NSConclave
 
PDF
Markdown
NSConclave
 
PDF
Docker 101
NSConclave
 
PDF
Security Architecture Consulting - Hiren Shah
NSConclave
 
PDF
OSINT: Open Source Intelligence - Rohan Braganza
NSConclave
 
PDF
Lets get started with car hacking - Ankit Joshi
NSConclave
 
PDF
Advanced Wireless Reconnaissance And Testing - Rohit Jadav
NSConclave
 
RED-TEAM_Conclave
NSConclave
 
Create a Custom Plugin in Burp Suite using the Extension
NSConclave
 
IOT SECURITY ASSESSMENT Pentester's Approach
NSConclave
 
Debugging Android Native Library
NSConclave
 
Burp Suite Extension Development
NSConclave
 
Log Analysis
NSConclave
 
HTML5 Messaging (Post Message)
NSConclave
 
Node.js Deserialization
NSConclave
 
RIA Cross Domain Policy
NSConclave
 
Python Deserialization Attacks
NSConclave
 
Sandboxing
NSConclave
 
NoSql Injection
NSConclave
 
Thick Client Testing Advanced
NSConclave
 
Thick Client Testing Basics
NSConclave
 
Markdown
NSConclave
 
Docker 101
NSConclave
 
Security Architecture Consulting - Hiren Shah
NSConclave
 
OSINT: Open Source Intelligence - Rohan Braganza
NSConclave
 
Lets get started with car hacking - Ankit Joshi
NSConclave
 
Advanced Wireless Reconnaissance And Testing - Rohit Jadav
NSConclave
 

Recently uploaded (20)

PDF
Autodesk AutoCAD Crack Free Download 2025
hggfcrd hgggref
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PPTX
WiFi Honeypot Detecscfddssdffsedfseztor.pptx
singlesrihari
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PPTX
Why Generative AI is the Future of Content, Code & Creativity?
Webuters Technologies Pvt. Ltd
 
PDF
CapCut Video Editor 6.8.1 Crack for PC Latest Download (Fully Activated) 2025
itskinga12
 
PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PPTX
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
Website Design Services for Small Businesses.pdf
ecomme9
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
PPTX
Advanced SystemCare Ultimate Crack + Portable (2025)
adanataj41
 
PDF
Product Update: Alluxio AI 3.7 Now with Sub-Millisecond Latency
Alluxio, Inc.
 
PDF
AI-Powered Threat Modeling: The Future of Cybersecurity by Arun Kumar Elengov...
Arun Kumar Elengovan
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PDF
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
PDF
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
Autodesk AutoCAD Crack Free Download 2025
hggfcrd hgggref
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
WiFi Honeypot Detecscfddssdffsedfseztor.pptx
singlesrihari
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Why Generative AI is the Future of Content, Code & Creativity?
Webuters Technologies Pvt. Ltd
 
CapCut Video Editor 6.8.1 Crack for PC Latest Download (Fully Activated) 2025
itskinga12
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
Website Design Services for Small Businesses.pdf
ecomme9
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
Advanced SystemCare Ultimate Crack + Portable (2025)
adanataj41
 
Product Update: Alluxio AI 3.7 Now with Sub-Millisecond Latency
Alluxio, Inc.
 
AI-Powered Threat Modeling: The Future of Cybersecurity by Arun Kumar Elengov...
Arun Kumar Elengovan
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 

LDAP Injection