A simple way to read and write LAPS passwords from linux.

Overview

banner

A simple way to read and write LAPS passwords from linux.

This script is a python setter/getter for property ms-Mcs-AdmPwd used by LAPS inspired by @swisskyrepo's SharpLAPS in C#.

Require (either):

  • Account with ExtendedRight or GenericRead to get LAPS passwords
  • Account with ExtendedRight or GenericWrite to set LAPS passwords
  • Domain Admin privileges

General usage

This tool supports many authentication methods:

                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

usage: pyLAPS.py [-h] [--use-ldaps] [-q] [-debug] [-a [{get,set}]] [-c TARGET_COMPUTER] [-v TARGET_VALUE] [--dc-ip ip address] [-d DOMAIN] [-u USER]
 [--no-pass | -p PASSWORD | -H [LMHASH:]NTHASH | --aes-key hex key] [-k]

Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.

optional arguments:
-h, --help            show this help message and exit
--use-ldaps           Use LDAPS instead of LDAP
-debug                Debug mode
-a [{get,set}], --action [{get,set}]
        Get or Set the LAPS password
-c TARGET_COMPUTER, --computer TARGET_COMPUTER
        Target computer to modify
-v TARGET_VALUE, --value TARGET_VALUE
        New password to set

authentication & connection:
--dc-ip ip address    IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted it will use the domain part (FQDN)
        specified in the identity parameter
-d DOMAIN, --domain DOMAIN
        (FQDN) domain to authenticate to
-u USER, --user USER  User to authenticate as

--no-pass             don't ask for password (useful for -k)
-p PASSWORD, --password PASSWORD
        password to authenticate with
-H [LMHASH:]NTHASH, --hashes [LMHASH:]NTHASH
        NT/LM hashes, format is LMhash:NThash
--aes-key hex key     AES key to use for Kerberos Authentication (128 or 256 bits)
-k, --kerberos        Use Kerberos authentication. Grabs credentials from .ccache file (KRB5CCNAME) based on target parameters. If valid credentials cannot be found, it will use the ones specified in the command line

Read the password of all computers

# ./pyLAPS.py --action get -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

[+] Extracting LAPS passwords of all computers ...
  | PC01$           : H0zqUkoCAcbVXf0Q3ZbQ
  | PC02$           : PoSaRYUhqbLQjWjY9D0g
  | PC17$           : spf41mUjm9pxrgl11Osd
  | PC25$           : oqy814nS1p2lRVlatcKG

Read the password of a specific computer

# ./pyLAPS.py --action get --computer 'PC01$' -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

[+] Extracting LAPS password of computer: PC01$ ...
[+] Searching for the target computer: PC01$
[+] Target computer found: CN=PC01,OU=LAPS Managed Computers,DC=LAB,DC=local
  | PC01$           : Wookie123

Write a random password to a specific computer

When no password is supplied with --value, a random password is generated.

# ./pyLAPS.py --action set --computer 'PC01$' -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

[+] Setting LAPS password in LDAP ...
[+] Searching for the target computer
[+] Target computer found: CN=PC01,OU=LAPS Managed Computers,DC=LAB,DC=local
[+] Using random password: qnaEmUsWOqQ6d2PR6wVr
[+] Successfully updated the ms-Mcs-AdmPwd attribute of the target PC01$ to qnaEmUsWOqQ6d2PR6wVr

Write a specific password to a specific computer

You can set the value of ms-Mcs-AdmPwd on a specific computer with --value option like this:

# ./pyLAPS.py --action set --computer 'PC01$' --value "Wookie123" -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_               

[+] Setting LAPS password in LDAP ...
[+] Searching for the target computer
[+] Target computer found: CN=PC01,OU=LAPS Managed Computers,DC=LAB,DC=local
[+] Successfully updated the ms-Mcs-AdmPwd attribute of the target PC01$ to Wookie123

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.

You might also like...
A flexible free and unlimited python tool to translate between different languages in a simple way using multiple translators.
A flexible free and unlimited python tool to translate between different languages in a simple way using multiple translators.

deep-translator Translation for humans A flexible FREE and UNLIMITED tool to translate between different languages in a simple way using multiple tran

This is a far more in-depth and advanced version of "Write user interface to a file API Sample"

Fusion360-Write-UserInterface This is a far more in-depth and advanced version of "Write user interface to a file API Sample" from https://help.autode

 ⚙️ Compile, Read and update your .conf file in python
⚙️ Compile, Read and update your .conf file in python

⚙️ Compile, Read and update your .conf file in python

Discovering local read-level DNA methylation patterns and DNA methylation heterogeneity in intermediately methylated regions

Discovering local read-level DNA methylation patterns and DNA methylation heterogeneity in intermediately methylated regions

Users can read others' travel journeys in addition to being able to upload and delete posts detailing their own experiences

Users can read others' travel journeys in addition to being able to upload and delete posts detailing their own experiences! Posts are organized by country and destination within that country.

Snakemake worflow to process and filter long read data from Oxford Nanopore Technologies.
Snakemake worflow to process and filter long read data from Oxford Nanopore Technologies.

Nanopore-Workflow Snakemake workflow to process and filter long read data from Oxford Nanopore Technologies. It is designed to compare whole human gen

A simple and easy to use Python's PIP configuration manager, similar to the Arch Linux's Java manager.
A simple and easy to use Python's PIP configuration manager, similar to the Arch Linux's Java manager.

PIPCONF - The PIP configuration manager If you need to manage multiple configurations containing indexes and trusted hosts for PIP, this project was m

A simple project which is a ecm to found a good way to provide a path to img_dir in gooey

ECM to find a good way for img_dir Path in Gooey This code is just an ECM to find a good way to indicate a path of image in image_dir variable. We loo

Med to csv - A simple way to parse MedAssociate output file in tidy data

MedAssociates to CSV file A simple way to parse MedAssociate output file in tidy

Releases(1.1)
Owner
Podalirius
Hacker of everything
Podalirius
My HA controller for veg and flower rooms

HAGrowRoom My HA controller for veg and flower rooms I will do my best to keep this updated as I change, add and improve. System heavily uses custom t

4 May 25, 2022
Um sistema de llogin feito em uma interface grafica.

Interface-para-login Um sistema de login feito com JSON. Utilizando a biblioteca Tkinter, eu criei um sistema de login, onde guarda a informações de l

Mobben 1 Nov 28, 2021
A simple watcher for the XTZ/kUSD pool on Quipuswap

Kolibri Quipuswap Watcher This repo holds the source code for the QuipuBot bot deployed to the #quipuswap-updates channel in the Kolibri Discord Setup

Hover Labs 1 Nov 18, 2021
This is the accompanying repository for the Bloomberg Global Coal Countdown website.

This is the accompanying repository for the Bloomberg Global Coal Countdown (BGCC) website. Data Sources Dashboard Data Schema and Validation License

7 Jun 01, 2022
The functions we created are included in a script. The necessary parts for pre-processing were taken. Analysis complete.

Feature-Engineering The functions we created are included in a script. The necessary parts for pre-processing were taken. Analysis complete. Business

Ayşe Nur Türkaslan 4 Oct 17, 2021
Context-free grammar to Sublime-syntax file

Generate a sublime-syntax file from a non-left-recursive, follow-determined, context-free grammar

Haggai Nuchi 8 Nov 17, 2022
Flexible constructor to create dynamic list of heterogeneous properties for some kind of entity

Flexible constructor to create dynamic list of heterogeneous properties for some kind of entity. This set of helpers useful to create properties like contacts or attributes for describe car/computer/

Django Stars 24 Jul 21, 2022
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

150 Dec 31, 2022
A collection of Python library code for building Python applications.

Abseil Python Common Libraries This repository is a collection of Python library code for building Python applications. The code is collected from Goo

Abseil 2k Jan 07, 2023
A small Python library which gives you the IEEE-754 representation of a floating point number.

ieee754 ieee754 is small Python library which gives you the IEEE-754 representation of a floating point number. You can specify a precision given in t

Bora Canbula 5 Dec 20, 2022
Python 3.9.4 Graphics and Compute Shader Framework and Primitives with no external module dependencies

pyshader Python 3.9.4 Graphics and Compute Shader Framework and Primitives with no external module dependencies Fully programmable shader model (even

Alastair Cota 1 Jan 11, 2022
This package tries to emulate the behaviour of syntax proposed in PEP 671 via a decorator

Late-Bound Arguments This package tries to emulate the behaviour of syntax proposed in PEP 671 via a decorator. Usage Mention the names of the argumen

Shakya Majumdar 0 Feb 06, 2022
Processamento da Informação - Disciplina UFABC

Processamento da Informacao Disciplina UFABC, Linguagem de Programação Python - 2021.2 Objetivos Apresentar os fundamentos sobre manipulação e tratame

Melissa Junqueira de Barros Lins 1 Jun 12, 2022
Python implementation for Active Directory certificate abuse

Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the C# variant Ce

Oliver Lyak 1.3k Jan 09, 2023
Audio-analytics for music-producers! Automate tedious tasks such as musical scale detection, BPM rate classification and audio file conversion.

Click here to be re-directed to the Beat Inspect Streamlit Web-App You are a music producer? Let's get in touch via LinkedIn Fundamental Analytics for

Stefan Rummer 11 Dec 27, 2022
This interactive script demonstrates the Menezes-Vanstone-EC-Cryptosystem

Menezes-Vanstone-EC-Cryptosystem This interactive script demonstrates the Meneze

Nishaant Goswamy 1 Jan 02, 2022
A script where you execute a script that generates a base project for your gdextension

GDExtension Project Creator this is a script (currently only for linux) where you execute a script that generates a base project for your gdextension,

Unknown 11 Nov 17, 2022
Hack CMU Go Local Project

GoLocal A submission for the annual HackCMU Hackathon. We built a website which connects shopper with local businesses. The goal is to drive consumers

2 Oct 02, 2021
Python wrapper around Apple App Store Api

App Store Connect Api This is a Python wrapper around the Apple App Store Api : https://developer.apple.com/documentation/appstoreconnectapi So far, i

123 Jan 06, 2023
Lectures for Udemy - Complete Python Bootcamp Course

Complete-Python-Bootcamp Welcome to the Repository for the Complete Python Bootcamp! This is the Repository for the Udemy course - "Complete Python Bo

Marci 2k Dec 28, 2022