About LDAP injection

  • Article

The concept of LDAP injection is similar to SQL injection, except that the target is Active Directory or any LDAP server. The idea is to inject untrusted data into a LDAP query by malicious users.

Here comes a paper to explain that.

https://www.spidynamics.com/support/whitepapers/LDAPinjection.pdf