Examples/Safe_LdapInjection_1.ps1
|
function Search-LdapSafe { param($userName, $password) $safeUser = [Microsoft.Security.Application.Encoder]::LdapFilterEncode($userName) $safePwd = [Microsoft.Security.Application.Encoder]::LdapFilterEncode($password) $filter = "(&(userId=$safeUser)(UserPassword=$safePwd))" $searcher = New-Object psobject $searcher.Filter = $filter return $searcher } |