LDAP Enumeration

The Lightweight Directory Access Protocol (LDAP) is used to access directory listings within Active Directory or from other directory services. A directory is organized in hierarchical or logical form. It is suited to working alongside the Domain Name System (DNS) to allow quick lookups and fast resolution of queries. It generally runs on port 389 and other similar protocols.
 
Sometimes it is possible to query the LDAP service anonymously. Such a query can reveal information, such as valid usernames, that can then be used in further attacks.
Both command-line and graphical tools are available for enumerating LDAP.

LdapMiner:
It is a command-line tool that collects information from different LDAP servers by identifying the type of server and then fetching specific information.
 
Syntax: ldapminer.exe -h host_ip options

    -p [port]: default is 389
    -B [bind]: default user null
    -w [password]: default user password null
    -b [base search]: search user, group
    -d [dump all]: get all information

Example:

    C:\>ldapminer.exe -h 127.0.0.1 -d
We will cover how to use the graphical tools in the next section. Until the next post, just remember that JXplorer and Softerra LDAP Browser are graphical tools available for enumerating LDAP.
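
From the server side, the anonymous queries described above (and the null bind that the -B and -w defaults imply) can be spotted in the directory server's own logs. The following is an added example, not part of the original post or of any tool it names: it assumes OpenLDAP slapd "stats"-style log lines, and the sample log, addresses, and function name are constructed for illustration.

```python
import re

# Constructed sample lines in the style of OpenLDAP slapd "stats" logging (assumed format).
SAMPLE_LOG = """\
conn=1001 fd=12 ACCEPT from IP=192.0.2.10:51234 (IP=0.0.0.0:389)
conn=1001 op=0 BIND dn="" method=128
conn=1001 op=0 RESULT tag=97 err=0 text=
conn=1001 op=1 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(objectClass=*)"
conn=1001 op=1 SEARCH RESULT tag=101 err=0 nentries=245 text=
conn=1002 fd=13 ACCEPT from IP=192.0.2.20:40000 (IP=0.0.0.0:389)
conn=1002 op=0 BIND dn="cn=app,dc=example,dc=com" method=128
conn=1002 op=0 RESULT tag=97 err=0 text=
conn=1002 op=1 SRCH base="ou=people,dc=example,dc=com" scope=2 deref=0 filter="(uid=alice)"
conn=1002 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
conn=1003 fd=14 ACCEPT from IP=192.0.2.30:40100 (IP=0.0.0.0:389)
conn=1003 op=0 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(uid=*)"
conn=1003 op=0 SEARCH RESULT tag=101 err=0 nentries=0 text=
"""

LINE = re.compile(r'conn=(\d+) (?:fd=\d+ ACCEPT from IP=([^\s:]+)|op=(\d+) (.*))')

def anonymous_searches(log_text, min_entries=1):
    """Return (client_ip, base, filter, nentries) for searches on unauthenticated connections."""
    peer, bound, binds, searches, findings = {}, {}, {}, {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        conn, ip, op, rest = m.groups()
        if ip:                                   # new connection: anonymous until a bind succeeds
            peer[conn], bound[conn] = ip, ""
        elif rest.startswith("BIND dn="):        # remember the requested DN until the result arrives
            binds[conn, op] = re.match(r'BIND dn="([^"]*)"', rest).group(1)
        elif rest.startswith("RESULT tag=97"):   # bind response; only err=0 authenticates
            dn = binds.pop((conn, op), "")
            bound[conn] = dn if re.search(r"\berr=0\b", rest) else ""
        elif rest.startswith("SRCH "):
            s = re.search(r'base="([^"]*)".*filter="([^"]*)"', rest)
            if s:
                searches[conn, op] = s.groups()
        elif rest.startswith("SEARCH RESULT"):
            n = re.search(r"nentries=(\d+)", rest)
            base_filter = searches.pop((conn, op), None)
            if base_filter and n and not bound.get(conn) and int(n.group(1)) >= min_entries:
                findings.append((peer.get(conn, "?"), *base_filter, int(n.group(1))))
    return findings

if __name__ == "__main__":
    print(anonymous_searches(SAMPLE_LOG))
```

With the default threshold, only anonymous searches that actually returned entries are reported; a search that the server's access controls answered with zero entries (conn=1003 in the sample) appears only when min_entries=0.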