Penetration Testing mailing list archives
RE: LDAP Pentest
From: "Clement Dupuis" <cdupuis () cccure org>
Date: Sat, 18 Sep 2004 10:27:55 -0400
Good day Andre, There is a paper on LDAPInjection that you can download at: http://www.professionalsecuritytesters.org/modules.php?name=Downloads&d_op=v iewdownload&cid=15 Do not rule out ldp.exe that comes with the Windows Support tool, you can find a step by step example of using the tool for exploitation at: http://www.professionalsecuritytesters.org/modules.php?name=Downloads&d_op=v iewdownload&cid=15 Also look under the Web Links section of the PST at: http://www.professionalsecuritytesters.org/modules.php?name=Web_Links There are only a few links but not much, if anyone has good links, I invite you to add them to the list. Finally there is an older tool called LDAPminer that I have not used in a while that was developed to probe mainly exchange and netscape directories. You can find it as well at: http://www.professionalsecuritytesters.org/modules.php?name=Downloads&d_op=v iewdownload&cid=15 Let me know if you find any other resources Take care Clement Maintainer of the PST warehouse http://www.professionalsecuritytesters.org
-----Original Message----- From: andre lista [mailto:andre_lista () pop com br] Sent: Thursday, September 16, 2004 6:56 PM To: pen-test () securityfocus com Subject: LDAP Pentest All, I would like to know if there is any tools or other related material that could help me on one LDAP directory pentest. Thanks in Advance, ANdre -------------------------------------------------------------------------- ---- Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------- -----
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- LDAP Pentest andre lista (Sep 18)
- RE: LDAP Pentest Clement Dupuis (Sep 21)
- Re: LDAP Pentest Frederic Charpentier (Sep 24)
- Re: LDAP Pentest Anders Thulin (Sep 21)
- Re: LDAP Pentest Walter Williams (Sep 24)
- Re: LDAP Pentest Walter Williams (Sep 24)
- Re: LDAP Pentest Frederic Charpentier (Sep 25)
- <Possible follow-ups>
- RE: LDAP Pentest Tal Mozes (Sep 21)
- RE: LDAP Pentest Todd Towles (Sep 21)
- RE: LDAP Pentest Clement Dupuis (Sep 21)