LDAP Enumeration

LDAP Enumeration

The Lightweight Directory Access Protocol(LDAP) is used to access directory listings within an active directory or from other services. A directory is compiled in hierarchical or logical form. It is suitable to attach with the Domain Name System(DNS) to allow quick lookup and fast resolution of queries. It generally runs on the port 389 and other similar 

protocols.

Sometimes, it is possible to query LADP service anonymously. The query can reveal information like valid usernames that can be further used for performing attacks.

Both command line and graphical tools are available for enumerating LADP.

LdapMiner:

It is command line tool that collects information from different LADP servers by identifying its type of server and then fetching specific information.

Syntax: ldapminer.exe -h host_ip options

-p [port]: default is 389

-B [bind]: default user null

-w [password]: default user password null

-b [base search]: search user, group

-d [dump all]: get all information

Example:

C:\>ldapminer.exe -h 127.0.0.1 -d

We will cover how to use Graphical tools in next section to this. Till next post just remember JXplorer and Softerra LDAP Browser are graphical tools available to enumerate LADP.