A simple way to read and write LAPS passwords from linux.

Related tags

Miscellaneouslocaladadministratorpython3lapsms-mcs-admpwd
Overview

banner

A simple way to read and write LAPS passwords from linux.

This script is a python setter/getter for property ms-Mcs-AdmPwd used by LAPS inspired by @swisskyrepo's SharpLAPS in C#.

Require (either):

  • Account with ExtendedRight or GenericRead to get LAPS passwords
  • Account with ExtendedRight or GenericWrite to set LAPS passwords
  • Domain Admin privileges

General usage

This tool supports many authentication methods:

                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

usage: pyLAPS.py [-h] [--use-ldaps] [-q] [-debug] [-a [{get,set}]] [-c TARGET_COMPUTER] [-v TARGET_VALUE] [--dc-ip ip address] [-d DOMAIN] [-u USER]
 [--no-pass | -p PASSWORD | -H [LMHASH:]NTHASH | --aes-key hex key] [-k]

Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.

optional arguments:
-h, --help            show this help message and exit
--use-ldaps           Use LDAPS instead of LDAP
-debug                Debug mode
-a [{get,set}], --action [{get,set}]
        Get or Set the LAPS password
-c TARGET_COMPUTER, --computer TARGET_COMPUTER
        Target computer to modify
-v TARGET_VALUE, --value TARGET_VALUE
        New password to set

authentication & connection:
--dc-ip ip address    IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted it will use the domain part (FQDN)
        specified in the identity parameter
-d DOMAIN, --domain DOMAIN
        (FQDN) domain to authenticate to
-u USER, --user USER  User to authenticate as

--no-pass             don't ask for password (useful for -k)
-p PASSWORD, --password PASSWORD
        password to authenticate with
-H [LMHASH:]NTHASH, --hashes [LMHASH:]NTHASH
        NT/LM hashes, format is LMhash:NThash
--aes-key hex key     AES key to use for Kerberos Authentication (128 or 256 bits)
-k, --kerberos        Use Kerberos authentication. Grabs credentials from .ccache file (KRB5CCNAME) based on target parameters. If valid credentials cannot be found, it will use the ones specified in the command line

Read the password of all computers

# ./pyLAPS.py --action get -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

[+] Extracting LAPS passwords of all computers ...
  | PC01$           : H0zqUkoCAcbVXf0Q3ZbQ
  | PC02$           : PoSaRYUhqbLQjWjY9D0g
  | PC17$           : spf41mUjm9pxrgl11Osd
  | PC25$           : oqy814nS1p2lRVlatcKG

Read the password of a specific computer

# ./pyLAPS.py --action get --computer 'PC01$' -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

[+] Extracting LAPS password of computer: PC01$ ...
[+] Searching for the target computer: PC01$
[+] Target computer found: CN=PC01,OU=LAPS Managed Computers,DC=LAB,DC=local
  | PC01$           : Wookie123

Write a random password to a specific computer

When no password is supplied with --value, a random password is generated.

# ./pyLAPS.py --action set --computer 'PC01$' -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_           

[+] Setting LAPS password in LDAP ...
[+] Searching for the target computer
[+] Target computer found: CN=PC01,OU=LAPS Managed Computers,DC=LAB,DC=local
[+] Using random password: qnaEmUsWOqQ6d2PR6wVr
[+] Successfully updated the ms-Mcs-AdmPwd attribute of the target PC01$ to qnaEmUsWOqQ6d2PR6wVr

Write a specific password to a specific computer

You can set the value of ms-Mcs-AdmPwd on a specific computer with --value option like this:

# ./pyLAPS.py --action set --computer 'PC01$' --value "Wookie123" -u 'Administrator' -d 'LAB.local' -p 'Admin123!' --dc-ip 192.168.2.1
                 __    ___    ____  _____
    ____  __  __/ /   /   |  / __ \/ ___/
   / __ \/ / / / /   / /| | / /_/ /\__ \   
  / /_/ / /_/ / /___/ ___ |/ ____/___/ /   
 / .___/\__, /_____/_/  |_/_/    /____/    v1.1
/_/    /____/           @podalirius_               

[+] Setting LAPS password in LDAP ...
[+] Searching for the target computer
[+] Target computer found: CN=PC01,OU=LAPS Managed Computers,DC=LAB,DC=local
[+] Successfully updated the ms-Mcs-AdmPwd attribute of the target PC01$ to Wookie123

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.

You might also like...
A flexible free and unlimited python tool to translate between different languages in a simple way using multiple translators.
A flexible free and unlimited python tool to translate between different languages in a simple way using multiple translators.

deep-translator Translation for humans A flexible FREE and UNLIMITED tool to translate between different languages in a simple way using multiple tran

Nidhal Baccouri 806 Jan 4, 2023
This is a far more in-depth and advanced version of "Write user interface to a file API Sample"

Fusion360-Write-UserInterface This is a far more in-depth and advanced version of "Write user interface to a file API Sample" from https://help.autode

null 4 Mar 18, 2022
⚙️ Compile, Read and update your .conf file in python
⚙️ Compile, Read and update your .conf file in python

⚙️ Compile, Read and update your .conf file in python

Reece Harris 2 Aug 15, 2022
Discovering local read-level DNA methylation patterns and DNA methylation heterogeneity in intermediately methylated regions

Discovering local read-level DNA methylation patterns and DNA methylation heterogeneity in intermediately methylated regions

null 1 Jan 11, 2022
Users can read others' travel journeys in addition to being able to upload and delete posts detailing their own experiences

Users can read others' travel journeys in addition to being able to upload and delete posts detailing their own experiences! Posts are organized by country and destination within that country.

Christopher Zeas 1 Feb 3, 2022
Snakemake worflow to process and filter long read data from Oxford Nanopore Technologies.
Snakemake worflow to process and filter long read data from Oxford Nanopore Technologies.

Nanopore-Workflow Snakemake workflow to process and filter long read data from Oxford Nanopore Technologies. It is designed to compare whole human gen

null 5 May 13, 2022
A simple and easy to use Python's PIP configuration manager, similar to the Arch Linux's Java manager.
A simple and easy to use Python's PIP configuration manager, similar to the Arch Linux's Java manager.

PIPCONF - The PIP configuration manager If you need to manage multiple configurations containing indexes and trusted hosts for PIP, this project was m

João Paulo Carvalho 11 Nov 30, 2022
A simple project which is a ecm to found a good way to provide a path to img_dir in gooey

ECM to find a good way for img_dir Path in Gooey This code is just an ECM to find a good way to indicate a path of image in image_dir variable. We loo

Jean-Emmanuel Longueville 1 Oct 25, 2021
Med to csv - A simple way to parse MedAssociate output file in tidy data

MedAssociates to CSV file A simple way to parse MedAssociate output file in tidy

Jean-Emmanuel Longueville 5 Sep 9, 2022
Releases(1.1)
Owner
Podalirius
Hacker of everything
Podalirius
GitHub Repository https://podalirius.net/
Sample microservices application demo

Development mode docker-compose -f docker-compose.yml -f docker-compose.dev.yml up -d or export COMPOSE_FILE='docker-compose.yml:docker-compose.dev.ym

Konstantinos Bairaktaris 1 Nov 14, 2021
automate some stuff so I can be more noob

dota automate some stuff so I can be more noob This is a simple project, but one that I've wanted forever! I use pyautogui, time, smtplib and datetime

Aaron Allen 17 Oct 18, 2022
Konomi: Kind and Optimized Next brOadcast watching systeM Infrastructure

Konomi 備考・注意事項 現在 α 版で、まだ実験的なプロダクトです。通常利用には耐えないでしょうし、サポートもできません。 安定しているとは到底言いがたい品質ですが、それでも構わない方のみ導入してください。 使い方などの説明も用意できていないため、自力でトラブルに対処できるエンジニアの方以外に

tsukumi 243 Dec 30, 2022
Add all JuliaLang unicode abbreviations to AutoKey.

Autokey Unicode characters Usage This script adds all the unicode character abbreviations supported by Julia to autokey. However, instead of [TAB], th

Randolf Scholz 49 Dec 02, 2022
Bring A Trailer(BAT) is a popular online auction website for enthusiast cars. This traverse auction results and saves them as CSV

BaT Data Grabber Bring A Trailer(BAT) is a popular online auction website for enthusiast cars. This traverse auction results and saves them as CSV Bri

Elliot Weil 2 Oct 31, 2021
Simple control of Thorlabs Elliptec devices from Python.

Elliptec Simple control of Thorlabs Elliptec devices. No docs yet » Get started · Report a bug · Request a feature About The Project ThorLabs Elliptec

David Roesel 8 Sep 22, 2022
A functional standard library for Python.

Toolz A set of utility functions for iterators, functions, and dictionaries. See the PyToolz documentation at https://toolz.readthedocs.io LICENSE New

4.1k Jan 04, 2023
A beautiful and useful prompt for your shell

A Powerline style prompt for your shell A beautiful and useful prompt generator for Bash, ZSH, Fish, and tcsh: Shows some important details about the

Buck Ryan 6k Jan 08, 2023
A QGIS integration plugin for Kart repositories

QGIS Kart Plugin A plugin to work with Kart repositories Installation The Kart plugin is available in the QGIS Plugins server. To install the latest v

Koordinates 27 Jan 04, 2023
Stack-overflow-import - Import arbitrary code from Stack Overflow as Python modules.

StackOverflow Importer Do you ever feel like all you’re doing is copy/pasting from Stack Overflow? Let’s take it one step further. from stackoverflow

Filip Haglund 3.7k Jan 08, 2023
Projeto job insights - Projeto avaliativo da Trybe do Bloco 32: Introdução à Python

Termos e acordos Ao iniciar este projeto, você concorda com as diretrizes do Código de Ética e Conduta e do Manual da Pessoa Estudante da Trybe. Boas

Lucas Muffato 1 Dec 09, 2021
Used the pyautogui library to automate some processes on the computer

Pyautogui Utilizei a biblioteca pyautogui para automatizar alguns processos no c

Dheovani Xavier 1 Dec 30, 2021
Data Structures and Algorithms Python - Practice data structures and algorithms in python with few small projects

Data Structures and Algorithms All the essential resources and template code nee

Hesham 13 Dec 01, 2022
Neptune client library - integrate your Python scripts with Neptune

Lightweight experiment tracking tool for AI/ML individuals and teams. Fits any workflow. Neptune is a lightweight experiment logging/tracking tool tha

neptune.ai 353 Jan 04, 2023
The LiberaPay archive module for the SeanPM life archive project.

By: Top README.md Read this article in a different language Sorted by: A-Z Sorting options unavailable ( af Afrikaans Afrikaans | sq Shqiptare Albania

Sean P. Myrick V19.1.7.2 1 Aug 26, 2022
contextlib2 is a backport of the standard library's contextlib module to earlier Python versions.

contextlib2 is a backport of the standard library's contextlib module to earlier Python versions. It also sometimes serves as a real world proving gro

Jazzband 35 Dec 23, 2022
A Powerful Tool For Making Combo List(All possible modes)

ComboMaker A Powerful Tool For Making Combo List Introduction Check out all possible Combo list build modes with this tool =) How to Install Open the

MasterBurnt 7 Jan 07, 2023
validation for pre-commit.ci configuration

pre-commit-ci-config validation for pre-commit.ci configuration installation pip install pre-commit-ci-config api pre_commit_ci_config.SCHEMA a cfgv s

pre-commit.ci 17 Jul 11, 2022
Automated Content Feed Curator

Gathers posts from content feeds, filters, formats, delivers to you.

Alper S. Soylu 2 Jan 22, 2022
Get a list of content on your Netflix My List that is expiring in the next month or two.

Netflix My List Expiring Movies Annoyed at Netflix for taking away your movies? Now you don't have to be! Installation instructions Install selenium C

24 Aug 06, 2022