Apr 08, 2026

LDAP Injection

Exploiting Lightweight Directory Access Protocol.

LDAP Injection

Task 1

Introduction

  1. Deploy the target VM attached to this task by pressing the green Start Machine button. We will use the machine’s generated IP address later at the end of the room. You can access the VM using your VPN connection or the AttackBox.
No answer needed

Structure

  1. Click me to proceed to the next task.
No answer needed

Search Queries

  1. Click me to proceed to the next task.
No answer needed

Injection Fundamentals

  1. Click me to proceed to the next task.
No answer needed

Exploiting LDAP

  1. What is the flag?
THM{!b451c_ld4p_inj3ct1ON!}

Blind LDAP Injection

  1. Click me to proceed to the next task.
No answer needed

Automating the Exploitation

  1. What is the flag in the dashboard?
THM{!!bl1nDLd4P1nj3ct10n!!}

Conclusion

  1. I can now exploit LDAP Injection vulnerabilities!
No answer needed
