Based in San Francisco Bay Area, Securesql is a blog by John Menerick. His insights dissect complex systems, offering a masterclass in cyber guardianship through expert analysis and cutting-edge protective strategies.

LDAP Tool Box vulnerabilities

This vulnerability allows one to bypass weak XSS filtering / validation on vulnerable installations of LDAP Tool Box. User interaction is required to exploit this vulnerability in that the target must open or browse a malicious link.  

The weak XSS filtering mechanism prevents some but not all XSS injections; which ones get through depends on the context in which the output is rendered. Relying on the htmlentities encoding function is equivalent to using a very weak blacklist.
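To illustrate why the output context matters, here is an added example (not code from LDAP Tool Box or from its patch) that puts one encoder per context next to a bare htmlentities call. The function names `esc_html`, `esc_js` and `esc_url` are hypothetical, the input string is constructed, and PHP 7.3 or later is assumed.

```php
<?php
// Added example; function names are hypothetical, not LDAP Tool Box code.
declare(strict_types=1);

// HTML text and quoted attribute values: encode both quote styles.
function esc_html(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Value inside a <script> block: emit a JSON string literal and hex-escape
// the characters that could close the string or the script element.
function esc_js(string $s): string {
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    return json_encode($s, $flags | JSON_THROW_ON_ERROR);
}

// href/src values: entity encoding does not restrict the URL scheme, so
// allowlist the scheme first (relative URLs are rejected in this sketch).
function esc_url(string $url): string {
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return '#';
    }
    return esc_html($url);
}

// Constructed sample input: a single quote plus an extra attribute, no script.
$input = "x' data-injected='1";

// ENT_COMPAT was the default flag set of htmlentities() before PHP 8.1. It
// leaves ' untouched, so the value ends a single-quoted attribute early.
$weak   = "<input value='" . htmlentities($input, ENT_COMPAT, 'UTF-8') . "'>";
$strong = "<input value='" . esc_html($input) . "'>";

echo $weak, PHP_EOL, $strong, PHP_EOL;
echo '<script>var user = ', esc_js($input), ';</script>', PHP_EOL;
echo '<a href="', esc_url('https://example.org/?q=' . rawurlencode($input)), '">link</a>', PHP_EOL;
```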

I have written a proof-of-concept exploit which causes a fake login page, with a corresponding JavaScript key logger, to render in the victim's browser.

 

Affected Products

All installations of LDAP Tool Box that do not have the appropriate patch applied.

 

Remediation

Until LDAP Tool Box releases an upgraded version, please apply the patch found here.  

 

Additional information

http://wiremask.eu/?p=tutorials&id=10

Issue

 

 

 

 

 

 

 
