LDAP Injection

Introduction

LDAP, which stands for Lightweight Directory Access Protocol, is a widely used protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. LDAP enables organizations to manage users centrally, as well as groups and other directory information, often used for authentication and authorization purposes in web and internal applications.

Objectives

1. Provide a thorough understanding of LDAP and its role in directory services.
2. Explore the LDAP tree structure and its key components.
3. Introduce LDAP Injection, its impact, and how it can be exploited.
4. Equip participants with the knowledge and skills to identify and mitigate LDAP Injection vulnerabilities.

Pre-requisites

1. A foundational understanding of how directory services work, particularly LDAP.
2. Basic knowledge of web application security principles and common vulnerabilities.
3. Familiarity with the structure and components of LDAP, such as Distinguished Names (DNs) and attributes.
4. Experience with tools and techniques for security testing of web applications, such as OWASP ZAP or Burp Suite.