Skip to content

PenTestMano/ldap_disjection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.vscode
.vscode
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ldap_disjection.py
ldap_disjection.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

ldap_disjection

Discover and BruteForce LDAP Fields From Vulnerable Web App.

This Tool has been created for HTB Analysis Machine

Examples:

  • Scan for valid fields
python3 ldap_disjection.py -m discover -u 'http://internal.analysis.htb/users/list.php' -ps 'name' -cn "CONTACT_" -G -s 0.2 -r '(<tr>.*</tr>)'
  • BruteForce field value:
python3 ldap_disjection.py -m brutforce -u 'http://internal.analysis.htb/users/list.php' -ps 'name' -pv 'technician' -pb 'FIELD_NAME' -c technician -G -s '0.2' -l 2 -r '(<tr>.*</tr>)'

About

Discover and BruteForce LDAP Fields From Web App

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages