search

LAPS

The "Local Administrator Password Solution" (LAPS) provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by ACL, so only eligible users can read it or request its reset.

hashtag
Enumerating LAPS access

Using AdmPwd.PS.psd1

https://www.powershellgallery.com/packages/AdmPwd.PS/6.3.1.0arrow-up-right

Import-Module C:\AD\Tools\AdmPwd.PS\AdmPwd.PS.psd1

Enumerating for right holders

Find-AdmPwdExtendedRights -Identity OUDistinguishedName
Get-DomainOU | %{Find-AdmPwdExtendedRights -Identity $_.distinguishedname}

hashtag
Accessing LAPS passwords

LogoCredential Dumping: LAPSHacking Articleschevron-right

PreviousMimikatzNextWindows Lateral Movement

Last updated