Re: LDAP + Active Directory
From: Adrien de Beaupre (adrien.debeaupre@elytra.com)Date: 10/16/01
- Previous message: Dave Aitel: "New Tool Release: Sharefuzz"
- In reply to: juan.francisco.falcon@ar.pwcglobal.com: "RE: LDAP + Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <001b01c155e8$62f82dd0$6500000a@inelytra.com> From: "Adrien de Beaupre" <adrien.debeaupre@elytra.com> To: <pen-test@securityfocus.com> Subject: Re: LDAP + Active Directory Date: Mon, 15 Oct 2001 22:15:08 -0400
If you are using Win2k Professional LDP.EXE from the resource kit
is a simple but functional LDAP client.
Construct queries, playing around will often reveal a lot.
ld = ldap_open("victim-server", 389);
ldap_search_s(ld, "dc=victim,dc=com", 2, "cn=*", attrList, 0, &msg)
ldap_search_s(ld, "dc=victim,dc=com", 0, "objectclass=*", attrList, 0,
&msg)
ldap_search_s(ld, "dc=victim,dc=com", 2, "name=*", attrList, 0, &msg)
Expanding base 'dc=victim,dc=com'...
Adrien de Beaupré, CISSP, GCIH, MCSE
IT Security Specialist
Elytra Enterprises Inc.
----- Original Message -----
>
> LDAP uses an anonymous access for reading the tree, so if using a
Netscape
> browser you type:
>
> ldap://machine.com:<port>/o=suffix??sub?
>
> you should see all the tree, including the ACI´s
>
> port is usually # 389
> and the machine.com must be the FQN.
>
> hope this help
>
>
>
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Dave Aitel: "New Tool Release: Sharefuzz"
- In reply to: juan.francisco.falcon@ar.pwcglobal.com: "RE: LDAP + Active Directory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
