Skip to content

swisskyrepo/SharpLAPS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.github
.github
 
 
Screenshot
Screenshot
 
 
SharpLAPS
SharpLAPS
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SharpLAPS.sln
SharpLAPS.sln
 
 

Repository files navigation

SharpLAPS

The attribute ms-mcs-AdmPwd stores the clear-text LAPS password.

This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory.

Require (either):

  • Account with ExtendedRight or Generic All Rights
  • Domain Admin privilege

Usage

 _____ __ __ ___ ____ _____ / ___// /_ ____ __________ / / / | / __ \/ ___/ \__ \/ __ \/ __ `/ ___/ __ \/ / / /| | / /_/ /\__ \ ___/ / / / / /_/ / / / /_/ / /___/ ___ |/ ____/___/ / /____/_/ /_/\__,_/_/ / .___/_____/_/ |_/_/ /____/ /_/ Required /host:<1.1.1.1> LDAP host to target, most likely the DC Optional /user:<username> Username of the account /pass:<password> Password of the account /out:<file> Outputting credentials to file /ssl Enable SSL (LDAPS://) Usage: SharpLAPS.exe /user:DOMAIN\User /pass:MyP@ssw0rd123! /host:192.168.1.1

Screenshot

Screenshot

About

Retrieve LAPS password from LDAP

Topics

cobalt-strike laps-password laps

Resources

Readme

License

MIT license
Activity

Stars

431 stars

Watchers

11 watching

Forks

88 forks
Report repository

Releases 1

v1.1 Latest
Feb 17, 2021

Sponsor this project

  •  
Learn more about GitHub Sponsors

Contributors 2

Languages