swisskyrepo/SharpLAPS swisskyrepo/SharpLAPS

  • Stars
    star
    374
  • Rank 114,346 (Top 3 %)
  • Language
    C#
  • License
    MIT License
  • Created almost 4 years ago
  • Updated almost 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
swisskyrepo/SharpLAPS
github

swisskyrepo

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Retrieve LAPS password from LDAP

SharpLAPS

The attribute ms-mcs-AdmPwd stores the clear-text LAPS password.

This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory.

Require (either):

  • Account with ExtendedRight or Generic All Rights
  • Domain Admin privilege

Usage

  _____ __                     __    ___    ____  _____
  / ___// /_  ____ __________  / /   /   |  / __ \/ ___/
  \__ \/ __ \/ __ `/ ___/ __ \/ /   / /| | / /_/ /\__ \
 ___/ / / / / /_/ / /  / /_/ / /___/ ___ |/ ____/___/ /
/____/_/ /_/\__,_/_/  / .___/_____/_/  |_/_/    /____/
                     /_/
Required
/host:<1.1.1.1>  LDAP host to target, most likely the DC

Optional
/user:<username> Username of the account
/pass:<password> Password of the account
/out:<file>      Outputting credentials to file
/ssl             Enable SSL (LDAPS://)

Usage: SharpLAPS.exe /user:DOMAIN\User /pass:MyP@ssw0rd123! /host:192.168.1.1

Screenshot

Screenshot

More Repositories

1

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Python
59,377
star
2

SSRFmap

Automatic SSRF fuzzer and exploitation tool
Python
2,908
star
3

GraphQLmap

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
Python
1,352
star
4

InternalAllTheThings

Active Directory and Internal Pentest Cheatsheets
HTML
830
star
5

Wordpresscan

WPScan rewritten in Python + some WPSeku ideas
Python
634
star
6

HardwareAllTheThings

Hardware/IOT Pentesting Wiki
HTML
440
star
7

DamnWebScanner

Another web vulnerabilities scanner, this extension works on Chrome and Opera
Python
438
star
8

Vulny-Code-Static-Analysis

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
PHP
391
star
9

WHID_Toolkit

Simple script for the WHID injector - a rubberducky wifi
Python
99
star
10

Nephelees

Néphélées (Νεφήλαι, Nephḗlai) : cloud nymphs greek - also NTDS cracking tool on Google Cloud
Jupyter Notebook
30
star
11

swisskyrepo.github.io

Source of swisskyrepo.github.io - Public
SCSS
11
star