CompTIA PenTest+ (PT0-002) — Question 416

During an assessment, a penetration tester discovers the following code sample in a web application:

"(&(userid=*)(userid=*))(|(userid=*) (userPwd={SHA1}a9993e364706816aba3e25717850c26c9cd0d89d==))";

Which of the following injections is being performed?

Answer options

Correct answer: D

Explanation

The code sample uses LDAP search filter syntax: the '(&(...))' and '(|(...))' constructs are the AND and OR operators of an LDAP filter, which indicates an LDAP injection attack. The other options, such as SQL injection or command injection, do not match the LDAP syntax shown in the code.