LDAP Injection Vulnerability, Explained
Too Long; Didn't Read
Lightweight Directory Access Protocol is a methodology designed to read data in a directory, file or device. Common uses of LDAP is to provide centralised authentication, so, it can be used to validate the users to allow access to restricted modules of any application. LDAP injection is a vulnerability where query statements are created from unreliable inputs which are not properly sanitized or validated. Special characters like "*" can create other malicious queries as well. There are a lot many LDAP injections loopholes that can be executed on a vulnerable server.