Lifedork

Information disclosure vulnerability could be exist in the microsoft ldap server responds when it’s binding to the ldap server. When an invalid password is provided, the server will respond with result code 49 (invalidCredentials) and an error message. A different error message is returned if an invalid username is provided. Here’s the usage of the ldapuserenum : (taken from http://labs.portcullis.co.uk/application/ldapuserenum/)

Usage

$ python ldapuserenum-0.1.py -h
Usage: ldapuserenum-0.1.py [-i] -t

Options:
–version show program’s version number and exit
-h, –help show this help message and exit
-d show description and exit
-t TARGET target IP or hostname
-i, –info show LDAP information gathering results

Example

$ python ldapuserenum-0.1.py -t 192.168.123.32

Going to enumerate users taking ‘./users.txt’ file as input

[*] Enumerated users:
[*] User: testuser
[*] LDAP error code: 52e
[*] LDAP message: invalid credentials
[*] User: administrator
[*] LDAP error code: 52e
[*] LDAP message: invalid credentials
[*] User: guest
[*] LDAP error code: 52e
[*] LDAP message: invalid credentials
[*] User: aspnet
[*] LDAP error code: 52e
[*] LDAP message: invalid credentials

Related articles :

• LDAP browsing with Luma
• Devil-Linux distro bundles router/firewall and server in one live CD
• Get thin client benefits for free with openThinClient
• Bad idea of the day: upgrading to Lenny with aptitude

Please explore this blog to obtain more informations about sql inject tutorial , cara ngehack fs , webgoat tutorials , friendster password cracker , and so on

Computer Security Stuff on eBay!
Electronics stuffs on ebay

ldapuserenum - Active Directory LDAP Server Information Disclosure Vulnerability is posted on November 14th, 2008 by admin. This post is filed under: Sectools, Security, Active Directory, Client, Elastra, LDAP, Lightweight Directory Access Protocol, PHP, Protocols, User .

Some people come to this post with this search term: ldapuserenum, hack friendster password, ldap 52e, active directory 52e, cara ngehack friendster, Cara hack friendster, hack active directory, backtrack ldap, Active Directory error 52E, ldap error code 52e, cara ngehack facebook, cara hack facebook, 52e ldap, friendster password cracker, hacking active directory, ngehack friendster, ldap backtrack, bsql hacker tutorial, ldapuserenum-0.1.py, cara hack fs,

And here is the related entries of this post:

• Depant - Default Password Network Tool
• phpbb.com was hacked
• webshag 1.00 - multi-platform web server audit tool Just Released !
• Sql Injection Tutorial
• BSQL Hacker - Automated Sql Injection Tool Video