1. The example below shows a bind request and the successful bind response from the LDAP service.
1 10.132.0.88 10.166.0.2 LDAP 131 bindRequest(1) "cn=Valeriy Petrov,ou=Users,dc=test,dc=com" simple
2 10.166.0.2 10.132.0.88 LDAP 82 bindResponse(1) success
The user DN found in the LDAP search will be sent in the bindRequest. WireShark masks the password replacing it with the word ”simple”. If we inspect the packet we could see the password in the clear text, “password” in the example below.
2. The example below shows invalidCredentials error in the bindResponse. It may happen if the entered password is not valid.
1 10.132.0.88 10.166.0.2 LDAP 129 bindRequest(1) "cn=Valeriy Petrov,ou=Users,dc=test,dc=com" simple
2 10.166.0.2 10.132.0.88 LDAP 82 bindResponse(1) invalidCredentials
1 10.132.0.88 10.166.0.2 LDAP 131 bindRequest(1) "cn=Valeriy Petrov,ou=Users,dc=test,dc=com" simple
2 10.166.0.2 10.132.0.88 LDAP 82 bindResponse(1) success
The user DN found in the LDAP search will be sent in the bindRequest. WireShark masks the password replacing it with the word ”simple”. If we inspect the packet we could see the password in the clear text, “password” in the example below.
2. The example below shows invalidCredentials error in the bindResponse. It may happen if the entered password is not valid.
1 10.132.0.88 10.166.0.2 LDAP 129 bindRequest(1) "cn=Valeriy Petrov,ou=Users,dc=test,dc=com" simple
2 10.166.0.2 10.132.0.88 LDAP 82 bindResponse(1) invalidCredentials
In Wireshark: