Skip to content

Proof-of-Concept tool for CVE-2021-29156, an LDAP injection vulnerability in ForgeRock OpenAM v13.0.0.

Notifications You must be signed in to change notification settings

guidepointsecurity/CVE-2021-29156

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 

Repository files navigation

CVE-2021-29156 Proof-of-Concept

(c) 2021 GuidePoint Security Charlton Trezevant [email protected]

Background

Today GuidePoint is pleased to release a functional Proof-of-Concept tool for CVE-2021-29156, an LDAP injection vulnerability in ForgeRock OpenAM v13.0.0. This vulnerability allows an attacker to extract a variety of information (such as a user’s password hash) from vulnerable OpenAM servers using a character-by-character brute force attack.

Usage

To use this tool, simply adjust the baseURL, proxy, and user variables and run the script.

By default, this tool is configured to extract the password hash of the amAdmin user. As valid characters are discovered, the password hash string will be displayed in the console. Further adjustments may be made to the LDAP injection payloads if exfiltration of other data from the OpenAM instance is desired.

Additional Resources

For a more in-depth look at this vulnerability, PortSwigger has an excellent writeup of the exploit itself and its theory of operation.

About

Proof-of-Concept tool for CVE-2021-29156, an LDAP injection vulnerability in ForgeRock OpenAM v13.0.0.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages