PaulDotCom mailing list archives

pentesting LDAP

From: Robin Wood <robin () digininja org>
Date: Wed, 15 Dec 2010 10:21:49 +0000

On my last two tests I've come across issues with LDAP servers and
only been able to do basic testing on them so figured it is time to
improve my LDAP skills. Someone on twitter pointed me at this guide
which is a good intro to LDAP itself http://www.zytrax.com/books/ldap/
but I'm now looking for any references for actually testing LDAP.
Things like what to look for/expect, common mis-configurations,
security related rather than admin related.

Any guides on getting my Windows VM lab setup with LDAP vulns that I
can play with would be good.

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

pentesting LDAP Robin Wood (Dec 15)
- Re: pentesting LDAP David Porcello (Dec 15)
  - Re: pentesting LDAP Robin Wood (Dec 15)
    - Re: pentesting LDAP David Porcello (Dec 15)
    - Re: pentesting LDAP Ryan Sears (Dec 15)