LDAP Injection Techniques

Alonso, Jose Maria; Guzman, Antonio; Beltran, Marta; Bordon, Rodolfo
November 2009
Wireless Sensor Network;Nov2009, Vol. 1 Issue 4, p233
Academic Journal
The increase in the number of databases accessed only by some applications has made code injection attacks an important threat to almost any current system. If one of these applications accepts inputs from a client and executes these inputs without first validating them, the attackers are free to execute their own queries and therefore, to extract, modify or delete the content of the database associated to the application. In this paper a deep analysis of the LDAP injection techniques is presented. Furthermore, a clear distinction between classic and blind injection techniques is made.


Related Articles

  • Van Gennep updates PlanSystem software.  // Printing World;Nov2006, Vol. 307, p20 

    The article reports that the PlanSystem 3 of Van Gennep has been updated. It has new features including improved Lightweight Directory Access Protocol/Active directory integration, new folios and versioning features, improvements to plug-ins for Adobe Indesign and Incopy and the PlanSystem...

  • The Rise of Virtual Directory Servers. DEUBY, SEAN // Windows IT Pro;Apr2012, Vol. 18 Issue 4, p12 

    The article offers information on how virtual directory servers can simplify and access management environment. Information is provided on how a metadirectory server such as Microsoft's Identity Lifecycle Management (ILM), works. It discusses the strengths of a virtual directory server...

  • Active Directory.  // Network Dictionary;2007, p21 

    A definition of the term "active directory" is presented. It refers to an implementation of LDAP directory services by Microsoft for use in Windows environment. It stores information and settings relating to an organization in a central, organized, accessible database, and allows administrators...

  • Multimedia Flavor in Directory Services Environment. Rednic, Emanuil; Toma, Andrei // Informatica Economica;2009, Vol. 13 Issue 3, p59 

    The present article aims to present the extended functionality of LDAP based systems (known as Directory Services) of handling multimedia information such as photographs. The most frequently used are JPEG encoded photos. Furthermore this article will explain how this multimedia functionality can...

  • Widespread use creates a range of roles for those with LDap skills. Langley, Nick // Computer Weekly;4/25/2006, p56 

    This article reports that Lightweight Directory Access Protocol (LDap) is used in most suppliers' directory products, from Microsoft Corp. to the open source community. It began as an implementation of the cumbersome X-500 protocol that would be viable for desktop devices. LDap is used to access...

  • Learning from LDAP. Warger, Thomas // Edutech Report;Feb2008, Vol. 24 Issue 2, p7 

    The article reports on the purpose of Lightweight Directory Access Protocol (LDAP). LDAP's method for learning management systems (LMS) and assembling a central, authoritative list of user identities that can be shared by multiple applications is widely implemented. At an academic institution,...

  • Updates Emerge from SirsiDynix.  // Library Journal;11/1/2008, Vol. 133 Issue 18, p22 

    This article reports that the library automation software and services company SirsiDynix has released updates to its Horizon integrated library system (ILS), Horizon Information Portal, and its Web Reporter software. A feature on the Horizon ILS system is the ability to authenticate users via a...

  • BT plans greater role for MarketPulse directory.  // MarketWatch: Technology;Dec2008, Vol. 7 Issue 12, p19 

    The article reports on the plan of BT Global Financial Services to expand the hosted LDAP directory. To provision its MarketPulse circuits, the company has a LDAP directory with Web interface. The MarketPulse directory could be linked to customers' own on-premise LDAP directories or their Active...

  • LDAPs not that lightweight. Bannan, James // APC (Bauer Media Group);Oct2008, Vol. 28 Issue 10, p14 

    The article reflects on having a Microsoft Corp.-centric approach to information technology (IT) which tends one to get stuck in a particular mode of thought. It states that there are standards like eDirectory that is Lightweight Directory Access Protocol (LDAP)-compliant, making it...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics