C Sharp Ldap Injection In Searcher
Description
Detects LDAP injection vulnerabilities in C# code where untrusted input is used directly in LDAP directory searcher queries. This could allow attackers to manipulate LDAP queries and potentially access or modify unauthorized directory data.
Detection Strategy
• Identifies calls to the LDAP searcher methods FindOne and FindAll
• Checks whether the LDAP searcher object (dir_searcher) or its parameters (user_parameters, user_connection) carry unvalidated user input
• Reports a vulnerability when user-controlled data reaches one of these search methods without validation or escaping of LDAP filter metacharacters
Vulnerable code example
```csharp
using System.DirectoryServices;

public class UserSearch {
    public void SearchUser(string userName) {
        // Vulnerable: direct concatenation of user input into the LDAP filter;
        // filter metacharacters inside userName can change the query structure
        string filter = "(uid=" + userName + ")";
        DirectorySearcher searcher = new DirectorySearcher(filter);
        searcher.FindAll();
    }
}
```
✅ Secure code example
```csharp
using System.DirectoryServices;
using System.Text.RegularExpressions;

public class UserSearch {
    public void SearchUser(string userName) {
        // Validate input with a regex allow-list so only safe characters reach the filter
        if (!Regex.IsMatch(userName, @"^[a-zA-Z0-9_.-]{1,64}$")) {
            return;
        }
        string filter = "(uid=" + userName + ")";
        DirectorySearcher searcher = new DirectorySearcher(filter);
        searcher.FindAll();
    }
}
```
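The allow-list above is the right choice when the attribute has a narrow legal alphabet, but attributes such as cn legitimately contain spaces, parentheses and other characters the regex rejects. The following is an added example, not code from the Fluid Attacks rule page: it escapes filter metacharacters as RFC 4515 requires (`\` → `\5c`, `*` → `\2a`, `(` → `\28`, `)` → `\29`, NUL → `\00`) so that any value can be embedded without altering the filter structure, and binds the search to a fixed root and property list. The class names, the search root and the sample value are assumptions for illustration.

```csharp
using System;
using System.DirectoryServices;
using System.Text;

public static class LdapFilterEscaper
{
    // Escape a single attribute value for use inside an LDAP search filter
    // (RFC 4515, section 3). Each character with filter syntax meaning is
    // replaced by its backslash-hex form, so the value can never close or
    // extend the enclosing filter expression.
    public static string EscapeFilterValue(string value)
    {
        if (value == null) throw new ArgumentNullException(nameof(value));
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c);      break;
            }
        }
        return sb.ToString();
    }
}

public class HardenedUserSearch
{
    // Hypothetical search base; in a real service this comes from configuration.
    private const string SearchRoot = "LDAP://DC=example,DC=test";

    // Build the filter from an escaped value. The filter template is a constant;
    // only the escaped value varies, so user input cannot add or remove clauses.
    public static string BuildCommonNameFilter(string commonName)
    {
        return "(cn=" + LdapFilterEscaper.EscapeFilterValue(commonName) + ")";
    }

    public SearchResult FindByCommonName(string commonName)
    {
        string filter = BuildCommonNameFilter(commonName);
        using (var root = new DirectoryEntry(SearchRoot))
        using (var searcher = new DirectorySearcher(
                   root, filter, new[] { "cn", "uid" }, SearchScope.Subtree))
        {
            return searcher.FindOne();
        }
    }

    public static void Main()
    {
        // Constructed sample: a legitimate display name containing parentheses.
        // Without escaping, the parentheses would be parsed as filter syntax.
        string sample = "Smith (Contractor)";
        Console.WriteLine(BuildCommonNameFilter(sample));
        // Expected: (cn=Smith \28Contractor\29)
    }
}
```

Escaping and the regex allow-list are complementary: apply the allow-list where the attribute's alphabet is known (uid, sAMAccountName), and escape wherever free-form text must be searched. Escaping the value is what prevents the injection; passing a fixed property list and search root to DirectorySearcher limits what a query can return even if a later refactoring reintroduces concatenation.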