Penetration Testing mailing list archives

Re: LDAP + Active Directory

From: "Adrien de Beaupre" <adrien.debeaupre () elytra com>
Date: Mon, 15 Oct 2001 22:15:08 -0400

If you are using Win2k Professional LDP.EXE from the resource kit
is a simple but functional LDAP client.
Construct queries, playing around will often reveal a lot.

ld = ldap_open("victim-server", 389);
ldap_search_s(ld, "dc=victim,dc=com", 2, "cn=*", attrList,  0, &msg)
ldap_search_s(ld, "dc=victim,dc=com", 0, "objectclass=*", attrList,  0,
&msg)
ldap_search_s(ld, "dc=victim,dc=com", 2, "name=*", attrList,  0, &msg)
Expanding base 'dc=victim,dc=com'...

Adrien de Beaupré,  CISSP, GCIH, MCSE
IT Security Specialist
Elytra Enterprises Inc.
----- Original Message -----


 LDAP uses an anonymous access for reading the tree, so if using a

Netscape

browser you type:

ldap://machine.com:<port>/o=suffix??sub?

you should see all the tree, including the ACI´s

port is usually # 389
and the machine.com must be the FQN.

hope this help




----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

LDAP + Active Directory Tim Russo (Oct 13)
- Re: LDAP + Active Directory Patrick Patterson (Oct 13)
  - RE: LDAP + Active Directory Sacha Faust (Oct 14)
- <Possible follow-ups>
- RE: LDAP + Active Directory juan.francisco.falcon (Oct 15)
  - Re: LDAP + Active Directory Adrien de Beaupre (Oct 15)