Lightweight Directory Access Protocol (LDAP)


Lightweight Directory Access Protocol (LDAP) is a network protocol used to query and update directory services, the hierarchical databases that hold an organization's users, groups, hosts and related data.

  • directories store information about
    • authorized users and their privileges
    • other organizational data
  • is not itself a directory or a directory standard
    • is the protocol used to query and update an X.500-like directory, designed as a lighter-weight alternative to X.500's Directory Access Protocol (DAP)
  • widely supported in directory products
    • e.g., Windows Active Directory
  • uses TCP port 389 (UDP 389 carries only connectionless LDAP, e.g., Active Directory's domain-controller discovery pings)
    • LDAP over TLS (LDAPS) uses TCP port 636; on port 389 a simple bind sends the password in cleartext unless StartTLS is negotiated first
  • vulnerable to LDAP injection attack
    • attacker supplies input containing filter metacharacters (*, (, ), \ and NUL) that the application concatenates into a search filter or DN without validating or escaping it, so the input changes the structure of the LDAP query instead of being matched as a value
    • may result in
      • authentication bypass or disclosure of directory entries the user was not authorized to read
      • the modification of LDAP content, where the application performs writes with the attacker-influenced query
    • mitigation: escape user input per RFC 4515 (filter values) and RFC 4514 (DNs), or use a client library that builds filters from parameters, and bind with the least-privileged account the application needs
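The following is an added worked example, not code from the original page: a Python script that builds the classic login filter `(&(uid=...)(userPassword=...))` twice, once by raw concatenation and once with RFC 4515 escaping, and then parses and evaluates the resulting filters against a constructed directory entry. The parser/evaluator is an assumed miniature written for this demonstration (it is not a real LDAP server and supports only `&`, `|`, `!` and equality/substring assertions); `ADMIN_ENTRY` and the payload strings are constructed for the example. Matching `userPassword` in a filter is itself a weak design (real applications should authenticate with an LDAP bind), but it is the textbook injection case and shows the mechanism clearly.

```python
"""LDAP filter injection: vulnerable concatenation beside RFC 4515 escaping.

The parser/evaluator below is an assumption for this example (a tiny model of
how a server interprets a filter), so the effect of injection is observable offline.
"""
import re
from typing import Any

# Filter metacharacters that must be escaped in assertion values (RFC 4515, section 3).
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a user-supplied assertion value so it is matched as data, never parsed as syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_login_filter_vulnerable(username: str, password: str) -> str:
    """Raw concatenation: metacharacters in the input rewrite the filter's structure."""
    return f"(&(uid={username})(userPassword={password}))"


def build_login_filter_safe(username: str, password: str) -> str:
    """Same filter with every user-controlled value escaped."""
    return (f"(&(uid={escape_filter_value(username)})"
            f"(userPassword={escape_filter_value(password)}))")


def parse_filter(text: str) -> Any:
    """Parse an RFC 4515 filter into a tree; raises ValueError if malformed.

    Nodes are ('&'|'|'|'!', [children]) or ('=', attr, pattern).
    """
    pos = 0

    def node() -> Any:
        nonlocal pos
        if pos >= len(text) or text[pos] != "(":
            raise ValueError(f"expected '(' at offset {pos}")
        pos += 1
        if pos < len(text) and text[pos] in "&|!":
            op = text[pos]
            pos += 1
            kids = []
            while pos < len(text) and text[pos] == "(":
                kids.append(node())
            if pos >= len(text) or text[pos] != ")":
                raise ValueError(f"expected ')' at offset {pos}")
            if op == "!" and len(kids) != 1:
                raise ValueError("'!' takes exactly one filter")
            pos += 1
            return (op, kids)
        end = text.index(")", pos)  # escaped values contain no raw ')', so this is the real close
        attr, _, pattern = text[pos:end].partition("=")
        pos = end + 1
        return ("=", attr.lower(), pattern)

    tree = node()
    if pos != len(text):
        raise ValueError("trailing data after filter")
    return tree


def is_well_formed(text: str) -> bool:
    """True if the text parses as a single balanced filter."""
    try:
        parse_filter(text)
        return True
    except ValueError:
        return False


def _unescape(value: str) -> str:
    """Decode RFC 4515 \\XX hex escapes back to the literal characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)


def _value_matches(pattern: str, actual: str) -> bool:
    """Equality or substring match: an unescaped '*' is a wildcard, '\\2a' is a literal '*'."""
    parts = [re.escape(_unescape(p)) for p in pattern.split("*")]
    return re.fullmatch(".*".join(parts), actual, re.IGNORECASE) is not None


def matches(tree: Any, entry: dict) -> bool:
    """Evaluate a parsed filter against one entry (attribute -> list of values)."""
    op = tree[0]
    if op == "&":
        return all(matches(k, entry) for k in tree[1])  # (&) is the absolute-true filter
    if op == "|":
        return any(matches(k, entry) for k in tree[1])
    if op == "!":
        return not matches(tree[1][0], entry)
    _, attr, pattern = tree
    values = {k.lower(): v for k, v in entry.items()}.get(attr, [])
    return any(_value_matches(pattern, v) for v in values)


# Constructed directory entry for the demonstration (not real data).
ADMIN_ENTRY = {"uid": ["admin"], "userPassword": ["correct horse battery"]}


def login_accepted(build, username: str, password: str, entry: dict = ADMIN_ENTRY) -> bool:
    """Whether the filter produced by `build` matches the entry, i.e. the app would accept the login."""
    return matches(parse_filter(build(username, password)), entry)


if __name__ == "__main__":
    user, pw = "admin)(|(uid=admin", "x)"  # constructed payload; the real password is never supplied
    print(build_login_filter_vulnerable(user, pw))
    print("vulnerable, wrong password:", login_accepted(build_login_filter_vulnerable, user, pw))
    print("escaped, wrong password:   ", login_accepted(build_login_filter_safe, user, pw))
```

With the payload username `admin)(|(uid=admin` and password `x)`, the vulnerable builder yields the balanced filter `(&(uid=admin)(|(uid=admin)(userPassword=x)))`, which is true for the admin entry whatever its password because the injected `|` branch is satisfied by `uid=admin` alone; a lone `*` as the password turns the equality into a presence match with the same effect. The escaped builder produces `(&(uid=admin\29\28|\28uid=admin)(userPassword=x\29))`, a filter whose values can only be compared as literal strings, so both payloads fail.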