Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Tool for LDAP Enumeration

From: "Moonen, Ralph" <Moonen.Ralph () KPMG NL>
Date: Wed, 10 Jan 2001 10:43:46 +0100
I use ldapsearch (comes with openldap) under Linux. I then search for
CN=* which in some implementations dump the full db. Also, CN=admin*
CN=mail*
and others gives nice results sometimes. Depends on the population though.

--Ralph


-----Original Message-----
From: Loschiavo, Dave [mailto:DLoschiavo () FRCC CC CA US]
Sent: Tuesday, January 09, 2001 9:06 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Tool for LDAP Enumeration


--- Virus checked / op virussen gecontroleerd ---

I'm poking at a Win2k box, and I can see the LDAP port. Are
there any tools
I can use to try to do some enumeration via LDAP? Also has
any heard of a
way to use Netscape to enumerate an Win2k box via LDAP?

-thanks




**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************
Previous By Date Next
Previous By Thread Next

Current thread: