C Sharp Ldap Authentication None
Description
Detects when LDAP connections in C# applications are configured with no authentication, which allows anonymous access to directory services. This creates a significant security risk by potentially exposing sensitive directory information to unauthorized users.
Detection Strategy
• Identifies LDAP connection configurations where the AuthenticationType property is set
• Checks if the authentication type is set to None or AuthenticationTypes.None
• Reports a vulnerability when LDAP connections are configured to allow anonymous/unauthenticated access
Vulnerable code example
using System.DirectoryServices;

public class LdapConnector {
    public void ConnectToDirectory(string adPath) {
        // Vulnerable: Uses no authentication, allowing anonymous LDAP access
        DirectoryEntry entry = new DirectoryEntry(adPath);
        entry.AuthenticationType = AuthenticationTypes.None;
        ...
✅ Secure code example
using System.DirectoryServices;

public class LdapConnector {
    public void ConnectToDirectory(string adPath, string username, string password) {
        // Secure: Uses multiple security flags for authenticated, encrypted LDAP
        var secureFlags = AuthenticationTypes.Secure |
                          AuthenticationTypes.Signing |
                          AuthenticationTypes.Sealing;
        ...
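A completed form of the secure pattern, as an added example that is not part of the original page or the scanner's own code. The `LdapBind` class and its `Required`, `IsAcceptable` and `Open` members are hypothetical names; requiring all three flags is an assumption taken from the secure example above.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

// Added example: hypothetical helper, not from the original page.
public static class LdapBind
{
    // Flags used by the secure example: authenticated bind with signing and sealing.
    public const AuthenticationTypes Required =
        AuthenticationTypes.Secure | AuthenticationTypes.Signing | AuthenticationTypes.Sealing;

    // True only when every required flag is set and Anonymous is not.
    // AuthenticationTypes.None is 0, so it can never satisfy this check.
    public static bool IsAcceptable(AuthenticationTypes flags)
    {
        return (flags & Required) == Required
            && (flags & AuthenticationTypes.Anonymous) == 0;
    }

    // Opens an authenticated entry or throws; the caller disposes the result.
    public static DirectoryEntry Open(string adPath, string username, string password,
                                      AuthenticationTypes flags = Required)
    {
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            throw new ArgumentException("Credentials are required; anonymous bind is not allowed.");
        if (!IsAcceptable(flags))
            throw new ArgumentException("AuthenticationType must include Secure, Signing and Sealing.");

        var entry = new DirectoryEntry(adPath, username, password, flags);
        try
        {
            // DirectoryEntry binds lazily; reading NativeObject forces the bind now,
            // so rejected credentials fail here instead of at first use.
            object native = entry.NativeObject;
            return entry;
        }
        catch (COMException)
        {
            // Fail closed: release the entry and surface the bind failure.
            entry.Dispose();
            throw;
        }
    }
}
```

Routing every directory connection through one helper like this also gives reviewers a single place to confirm that no caller can pass `AuthenticationTypes.None`.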