RE: LDAP Pentest

From: Tal Mozes (TalM@comsec.co.il)
Date: Sat Sep 18 2004 - 19:53:38 EDT

• Next message: Todd Towles: "RE: LDAP Pentest"
• Previous message: Jerry Shenk: "RE: [Dailydave] RE: Network Exploitation Tools akaExploitationEngines & FUD"
• Maybe in reply to: andre lista: "LDAP Pentest"
• Next in thread: Todd Towles: "RE: LDAP Pentest"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I once succeeded to do LDAP injection, there is a good article about how to
do it from "SPI LABS".
You can also check for syntax at -
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adsi
/search_filter_syntax.asp

Good luck,
Tal.

-----Original Message-----
From: andre lista [mailto:andre_lista@pop.com.br]
Sent: Friday, September 17, 2004 12:56 AM
To: pen-test@securityfocus.com
Subject: LDAP Pentest

All,

I would like to know if there is any tools or other related material that
could
help me on one LDAP directory pentest.

Thanks in Advance,
ANdre

----------------------------------------------------------------------------

--
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
---
**************************************************************************************************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or  the 
sender immediately and do not disclose the contents to any one or make copies.
** eSafe scanned this email for viruses, vandals and malicious content **
**************************************************************************************************
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

• Next message: Todd Towles: "RE: LDAP Pentest"
• Previous message: Jerry Shenk: "RE: [Dailydave] RE: Network Exploitation Tools akaExploitationEngines & FUD"
• Maybe in reply to: andre lista: "LDAP Pentest"
• Next in thread: Todd Towles: "RE: LDAP Pentest"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:05 EDT