Meetup Vulnerabilities: Escalation of Privilege and Redirection of Funds

LDAP Injection

Lightweight Directory Access Protocol (LDAP) is an open and vendor-neutral directory service protocol that runs on a layer above the TCP/IP stack. It provides the appropriate mechanism for accessing and modifying data directories, things that are commonly used today while developing intranet and internet (web) applications.

LDAP injections (queries) can be used to exploit vulnerable web applications, that be manipulated due to their inability to cope with malicious user input.

Read More

Jump to Category