Penetration Testing mailing list archives
RE: LDAP Injection
From: Erez Metula <erezmetula () 2bsecure co il>
Date: Wed, 18 Mar 2009 16:35:50 +0200
Hey Jon, Give a try to the "Ldap Injector" tool (Alonso/Parada), capable of performing blind ldap injection attacks. Cheers, Erez. ________________________________ Erez Metula, CISSP Application Security Department Manager, 2BSecure Mobile: 972-54-2108830 Office: 972-3-6492007 Attend the next ".NET Framework Rootkits" presentation at the following conferences: CanSecWest Vancouver, 19 Mar. 2009 BlackHat Europe, 17 Apr. 2009 -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Nikhil Wagholikar Sent: Wednesday, March 04, 2009 2:51 AM To: pen-test list Subject: Re: LDAP Injection Hi Jon, You can give a try to SecurityQA Toolbar from iSEC Partners. More Info: http://www.isecpartners.com/SecurityQAToolbar.html --- Nikhil Wagholikar Practice Lead | Security Assessment & Digital Forensics Network Intelligence (I) Pvt. Ltd. [NII Consulting] Web: http://www.niiconsulting.com/ Comprehensive Information Security Training http://www.niiconsulting.com/services/education/Training%20Calendar.html 2009/2/28 Jon Kibler <Jon.Kibler () aset com>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Anyone know of a tool for automated LDAP injection? How about a tool set that will assist with LDAP injection, even it the tool does not automate the attack? THANKS! Jon Kibler - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmoowYACgkQUVxQRc85QlNcTgCfTnU2Opi2N8EgGAcoyhX5jrIV 0iwAniV+jEmlMiWG77rHATf4DqFu5yOz =0CpI -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------
Current thread:
- Re: LDAP Injection Nikhil Wagholikar (Mar 04)
- RE: LDAP Injection Erez Metula (Mar 18)