# LDAP Injection

**Example 1: Java**

**Vulnerable Code:**

```java
// user and password come straight from the request and are concatenated into the filter unescaped
String filter = "(&(uid=" + user + ")(userPassword=" + password + "))";
NamingEnumeration<SearchResult> results = ctx.search("ou=users", filter, new SearchControls());
```

**Reason for vulnerability:** User input is concatenated into the LDAP filter without escaping, so metacharacters such as `*`, `(` and `)` in the input change the structure of the filter instead of being matched as literal characters.

**Fixed Code:**

```java
String filter = "(&(uid={0})(userPassword={1}))";
// Use the filterArgs overload of search(): the LDAP provider substitutes {0} and {1} itself and
// escapes filter metacharacters in string arguments, so the input cannot reshape the filter.
NamingEnumeration<SearchResult> results = ctx.search("ou=users", filter, new Object[] { user, password }, new SearchControls());
```

**Reason for fix:** Pass the values through the `filterArgs` overload of `DirContext.search` instead of building the string yourself. The JDK's LDAP provider substitutes each `{i}` placeholder and escapes filter metacharacters in string arguments, so user input can only ever be an assertion value, never filter syntax.

**Example 2: C#**

**Vulnerable Code:**

```csharp
// user and password come straight from the request and are concatenated into the filter unescaped
string filter = "(&(uid=" + user + ")(userPassword=" + password + "))";
DirectorySearcher searcher = new DirectorySearcher(filter);
SearchResultCollection results = searcher.FindAll();
```

**Reason for vulnerability:** User input is concatenated into the LDAP filter without escaping, so metacharacters such as `*`, `(` and `)` in the input change the structure of the filter instead of being matched as literal characters.

**Fixed Code:**

```csharp
// System.DirectoryServices has no filter-argument mechanism (the string[] constructor parameter
// is the list of properties to load, not filter arguments), so escape each value per RFC 4515 first.
string LdapFilterEscape(string s) => s.Replace("\\", "\\5c").Replace("*", "\\2a").Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");
string filter = string.Format("(&(uid={0})(userPassword={1}))", LdapFilterEscape(user), LdapFilterEscape(password));
DirectorySearcher searcher = new DirectorySearcher(filter);
SearchResultCollection results = searcher.FindAll();
```

**Reason for fix:** `DirectorySearcher` offers no parameterized filter, so each value is escaped per RFC 4515 (`\`, `*`, `(`, `)` and NUL become `\5c`, `\2a`, `\28`, `\29`, `\00`) before it is placed into the filter string. The backslash is replaced first so the escapes the helper emits are not escaped again. Passing `new string[] { user, password }` to the constructor would not have parameterized anything: that argument names the properties to load.
