Which of the following application attacks is used against a corporate directory service where there are
unknown servers on the network?
Rogue access point
A directory service is accessed by using LDAP (Lightweight Directory Access Protocol). LDAP injection is an
attack against a directory service.
Just as SQL injection attacks take statements that are input by users and exploit weaknesses within, an LDAP
injection attack exploits weaknesses in LDAP (Lightweight Directory Access Protocol) implementations. This
can occur when the user’s input is not properly filtered, and the result can be executed commands, modified
content, or results returned to unauthorized queries. The best way to prevent LDAP injection attacks is to filter
the user input and to use a validation scheme to make certain that queries do not contain exploits.
One of the most common uses of LDAP is associated with user information. Numerous applications exist such
as employee directories, where users find other users by typing in a portion of their name. These queries are
looking at the cn value or other fields (those defined for department, home directory, and so on). Someone who
is attempting LDAP injection could feed unexpected values to the query to see what results are returned. All too
often, finding employee information equates to finding usernames and values about those users that could be
portions of their passwords.