|
Lightweight Directory Access Protocol (LDAP) is a widely used protocol for accessing information directories.
LDAP injection is the technique of exploiting web applications that use client-supplied data in LDAP statements without first stripping potentially harmful characters from the request. Readers should have a basic understanding of LDAP technology and web application parameter injection. The example used in this white paper was written using Active Server Page (ASP) under Microsoft Information Server (IIS) and making use of the LDAP control written by nSoftware. The back-end LDAP server used is SunOne Directory Server 5.0. |
LDAP Injection
New Update