From 34434f44392a731e1d638bbf8f57b5fe0e9e8fdd Mon Sep 17 00:00:00 2001 From: RRudder <96507400+RRudder@users.noreply.github.com> Date: Thu, 9 Nov 2023 15:42:18 +1000 Subject: [PATCH] Addressing review feedback --- .../ldap_injection/template.md | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/submissions/description/server_side_injection/ldap_injection/template.md b/submissions/description/server_side_injection/ldap_injection/template.md index 8c96aa3b..83083674 100644 --- a/submissions/description/server_side_injection/ldap_injection/template.md +++ b/submissions/description/server_side_injection/ldap_injection/template.md 
@@ -1,18 +1,16 @@ # LDAP Injection ## Overview -LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it’s possible to modify LDAP statements using a local proxy. This could result in the execution of arbitrary commands such as granting permissions to unauthorized queries, and content modification inside the LDAP tree. The same advanced exploitation techniques available in SQL Injection can be similarly applied in LDAP Injection. +LDAP injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it’s possible to modify LDAP statements using a local proxy. This LDAP injection vulnerability could allow an attacker to execute arbitrary commands, such as granting permissions to unauthorized queries, and content modification inside the LDAP tree. The same advanced exploitation techniques available in SQL injection can be similarly applied in LDAP injection. ## Business Impact -Attackers might use an LDAP injection to insert malicious code that allows them to see all the usernames and passwords assigned to a system or to add their names as system administrators. A successful LDAP injection can be a major security breach,reputation loss and financial losses for the company. +LDAP injection vulnerabilities can lead to reputational damage through the impact to customers’ trust, or to regulatory fines due to an attacker’s unauthorized access to data. The severity of the impact to the business is dependent on the sensitivity of the data being stored in, and transmitted by the application. ## Steps to Reproduce -1. Using a browser, login to in-scope asset at: {{URL}} -1. Browse to account page -1. Modify ID token to add single quote -1. View the following query which states 'LDAP Injection' -1. Replace ID value with the following payload: +1. 
Using a browser, log into the webpage: {{URL}} +1. In the request to URI modify the token XYZ by appending a quote ``` and you'll see an error return +1. Replace this with the payload below and you'll see a response indicating an injection occuring: ``` {{payload}} @@ -20,10 +18,6 @@ Attackers might use an LDAP injection to insert malicious code that allows them ## Proof of Concept (PoC) -The screenshot below demonstrates the LDAP Injection being executed: +The screenshot(s) below demonstrate(s) the vulnerability: {{screenshot}} - - -## References -https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html
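Review bot: In the new step 2 of Steps to Reproduce, the three backticks after "appending a quote" open a Markdown code fence inside the list item, so the rest of that step and step 3 would render as code and the existing fence around {{payload}} is left unbalanced. The removed step said "add single quote", so write the character as a single quote in inline code instead. In the same step, "URI" and "XYZ" are literals where the rest of the template uses placeholders such as {{URL}}; make them placeholders too. In step 3, "occuring" should be "occurring".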
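Review bot: No reason is given for dropping the References section at the end of the second hunk. The commit message only says "Addressing review feedback", and with this removal the visible lines of the template no longer point to any remediation guidance. If the OWASP LDAP Injection Prevention Cheat Sheet link now lives elsewhere in the repository, say so in the commit message; otherwise consider keeping that line.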