3. LDAP Enumeration

1. LDAP enumeration using Nmap

sudo nmap -sU -p 389 [Target IP Address]
sudo nmap -p 389 --script ldap-brute --script-args '"cn=users,dc=[Target DC],dc=[Target DC]"' [Target IP Address]

2. LDAP enumeration using ldapsearch

ldapsearch -h [Target IP Address] -x -s base namingcontexts
# -x simple authentication -h specifies the host -s specifies the scope

ldapsearch -h [Target IP Address] -x -b "DC=[Target DC],DC=[Target DC]"
# -b base DN for search

ldapsearch -h [Target IP Address] -x -b "DC=[Target DC],DC=[Target DC]" "objectclass=*"

Previous2. SNMP Enumeration Next4. NFS Enumeration

Last updated 1 year ago