SharpLAPS is a tool to Retrieve LAPS Password From LDAP.
The attribute ms-mcs-AdmPwd stores the clear-text LAPS password.
This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory.
Require (either):
ExtendedRight or Generic All RightsUsage
_ _ _
/ // /_ _ / / / | / _ \/ / _ \/ _ \/ _ `/ / _ \/ / / /| | / // /__ \
/ / / / / // / / / // / // _ |/ // /
/// //__,// / ./// |// //
Required
/host:<1.1.1.1> LDAP host to target, most likely the DC
Optional
/user: Username of the account
/pass: Password of the account
/out: Outputting credentials to file
/ssl Enable SSL (LDAPS://)
Usage: SharpLAPS.exe /user:DOMAIN\User /pass:MyP@ssw0rd123! /host:192.168.1.1
Screenshot
What is a Software Supply Chain Attack? A software supply chain attack occurs when a…
When people ask how UDP works, the simplest answer is this: UDP sends data quickly…
Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…
A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
People trying to securely connect to work are being tricked into doing the exact opposite.…