Java LDAP Injection In Filter
Description
Detects LDAP injection vulnerabilities in Java applications where untrusted user input is concatenated directly into an LDAP search filter expression. Because filter metacharacters such as "*", "(" and ")" are not neutralized, an attacker can change the structure of the filter rather than just the value being matched, and so read or modify directory data they are not authorized to access.
Detection Strategy
• Identifies LDAP search operations that return NamingEnumeration results
• Checks whether the search filter argument is built from user-controlled input
• Reports a vulnerability when user input flows into an LDAP search filter without escaping or parameterization
• Focuses on calls to the search() method whose filter parameter is tainted
Vulnerable code example
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
public class LdapSearch {
    public void searchUser(String username) throws NamingException {
        InitialDirContext ctx = new InitialDirContext();
        String base = "dc=example,dc=com";
        // Vulnerable: Direct concatenation of user input in LDAP filter; the tainted filter reaches search()
        String filter = "(&(objectClass=person)(uid=" + username + "))";
        NamingEnumeration<SearchResult> results = ctx.search(base, filter, new SearchControls());
    }
}
✅ Secure code example
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
public class LdapSearch {
    public void searchUser(String username) throws NamingException {
        InitialDirContext ctx = new InitialDirContext();
        String base = "dc=example,dc=com";
        // Safe: Using parameterized filter with placeholder {0}; JNDI substitutes and escapes the argument
        String filter = "(&(objectClass=person)(uid={0}))";
        NamingEnumeration<SearchResult> results = ctx.search(base, filter, new Object[] {username}, new SearchControls());
    }
}