Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The concept of LDAP injection is similar to SQL injection, except that the target is Active Directory or any LDAP server. The idea is to inject untrusted data into a LDAP query by malicious users.
Here comes a paper to explain that.
https://www.spidynamics.com/support/whitepapers/LDAPinjection.pdf