Articles by @lowercase_drm

Bypassing LDAP Channel Binding with StartTLS

Published on Thu 28 April 2022 by @lowercase_drm

While doing research on LDAP client certificate authentication, we realized that the LDAP implementation of Active Directory supports the StartTLS mechanism, which has interesting implications on relay attacks.