SharpLAPS is a tool to Retrieve LAPS Password From LDAP.
The attribute ms-mcs-AdmPwd stores the clear-text LAPS password.
This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory.
Require (either):
ExtendedRight or Generic All RightsUsage
_ _ _
/ // /_ _ / / / | / _ \/ / _ \/ _ \/ _ `/ / _ \/ / / /| | / // /__ \
/ / / / / // / / / // / // _ |/ // /
/// //__,// / ./// |// //
Required
/host:<1.1.1.1> LDAP host to target, most likely the DC
Optional
/user: Username of the account
/pass: Password of the account
/out: Outputting credentials to file
/ssl Enable SSL (LDAPS://)
Usage: SharpLAPS.exe /user:DOMAIN\User /pass:MyP@ssw0rd123! /host:192.168.1.1
Screenshot
In a recent cyber incident, a group named CARDINAL, associated with the label Russian Legion,…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Linux is renowned for its versatility, open-source nature, and security. Whether you're a beginner, developer,…
Cyber insurance helps businesses and individuals mitigate financial losses from data breaches, ransomware, extortion, legal…
Ransomware is one of the most dangerous and destructive forms of cybercrime today. With cybercriminals…
Social media is a key part of our daily lives, with millions of users sharing…