LAPS

The "Local Administrator Password Solution" (LAPS) manages the local account passwords of domain-joined computers. Passwords are stored in Active Directory (AD) and protected by ACLs, so only eligible users can read them or request a reset.

Enumerating LAPS access

Using AdmPwd.PS.psd1

https://www.powershellgallery.com/packages/AdmPwd.PS/6.3.1.0

Import-Module C:\AD\Tools\AdmPwd.PS\AdmPwd.PS.psd1

Enumerating for right holders

Find-AdmPwdExtendedRights -Identity OUDistinguishedName
Get-DomainOU | %{Find-AdmPwdExtendedRights -Identity $_.distinguishedname}
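
An added example (not part of the original notes) that turns the enumeration above into an audit: it compares the right holders reported per OU against an approved list and returns the ones that are not on it. The function name, domain, groups and approved list are hypothetical; the sample objects are constructed with the ObjectDN and ExtendedRightHolders properties that Find-AdmPwdExtendedRights returns.

```powershell
# Added example: flag principals outside an approved list that hold the
# LAPS password-read extended right on an OU.
function Get-UnexpectedLapsReader {
    [CmdletBinding()]
    param(
        # One object per OU, shaped like Find-AdmPwdExtendedRights output.
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$RightsEntry,

        # Principals approved to read LAPS passwords (assumed policy).
        [Parameter(Mandatory)]
        [string[]]$ApprovedHolder
    )
    process {
        foreach ($holder in $RightsEntry.ExtendedRightHolders) {
            # -notcontains compares strings case-insensitively.
            if ($ApprovedHolder -notcontains $holder) {
                [pscustomobject]@{
                    OU     = $RightsEntry.ObjectDN
                    Holder = $holder
                }
            }
        }
    }
}

# Constructed sample data (hypothetical domain and groups).
$sample = @(
    [pscustomobject]@{
        ObjectDN             = 'OU=Workstations,DC=example,DC=local'
        ExtendedRightHolders = @('NT AUTHORITY\SYSTEM', 'EXAMPLE\Domain Admins')
    },
    [pscustomobject]@{
        ObjectDN             = 'OU=Servers,DC=example,DC=local'
        ExtendedRightHolders = @('NT AUTHORITY\SYSTEM', 'EXAMPLE\Domain Admins',
                                 'EXAMPLE\HelpdeskTier1')
    }
)

$approved = 'NT AUTHORITY\SYSTEM', 'EXAMPLE\Domain Admins'
$sample | Get-UnexpectedLapsReader -ApprovedHolder $approved

# Against a live domain, pipe the real cmdlet output instead:
# Get-DomainOU |
#     ForEach-Object { Find-AdmPwdExtendedRights -Identity $_.distinguishedname } |
#     Get-UnexpectedLapsReader -ApprovedHolder $approved
```

Any row returned is a principal that can read LAPS passwords on that OU without being on the approved list, and is a candidate for ACL review.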

Accessing LAPS passwords
