Fix Args Check & Add Computer filter
Add - Filter the computer from wich you want to extract LAPS password with <target> arg. Fixed - Check credentials args ("username" instead of "host").pull/1/head
parent
1812a6cdce
commit
415a00888d
|
@ -1,4 +1,4 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.DirectoryServices;
|
using System.DirectoryServices;
|
||||||
using System.IO;
|
using System.IO;
|
||||||
|
@ -24,6 +24,7 @@ namespace SharpLAPS
|
||||||
var parsed = ArgumentParser.Parse(args);
|
var parsed = ArgumentParser.Parse(args);
|
||||||
String username = null;
|
String username = null;
|
||||||
String password = null;
|
String password = null;
|
||||||
|
String target = "*";
|
||||||
String connectionString = "LDAP://{0}:{1}";
|
String connectionString = "LDAP://{0}:{1}";
|
||||||
DirectoryEntry ldapConnection;
|
DirectoryEntry ldapConnection;
|
||||||
|
|
||||||
|
@ -36,6 +37,7 @@ namespace SharpLAPS
|
||||||
Console.WriteLine("\nOptional");
|
Console.WriteLine("\nOptional");
|
||||||
Console.WriteLine("/user:<username> Username of the account");
|
Console.WriteLine("/user:<username> Username of the account");
|
||||||
Console.WriteLine("/pass:<password> Password of the account");
|
Console.WriteLine("/pass:<password> Password of the account");
|
||||||
|
Console.WriteLine("/target:<target> computer name (if not set query all computers in AD)");
|
||||||
Console.WriteLine("/out:<file> Outputting credentials to file");
|
Console.WriteLine("/out:<file> Outputting credentials to file");
|
||||||
Console.WriteLine("/ssl Enable SSL (LDAPS://)");
|
Console.WriteLine("/ssl Enable SSL (LDAPS://)");
|
||||||
|
|
||||||
|
@ -52,10 +54,15 @@ namespace SharpLAPS
|
||||||
{
|
{
|
||||||
connectionString = String.Format(connectionString, parsed.Arguments["/host"], "636");
|
connectionString = String.Format(connectionString, parsed.Arguments["/host"], "636");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Filter computer name
|
||||||
|
if (parsed.Arguments.ContainsKey("/target"))
|
||||||
|
{
|
||||||
|
target = parsed.Arguments["/target"] + "$";
|
||||||
|
}
|
||||||
|
|
||||||
// Use the provided credentials or the current session
|
// Use the provided credentials or the current session
|
||||||
if (parsed.Arguments.ContainsKey("/host") && parsed.Arguments.ContainsKey("/pass"))
|
if (parsed.Arguments.ContainsKey("/user") && parsed.Arguments.ContainsKey("/pass"))
|
||||||
{
|
{
|
||||||
Console.WriteLine("\n[+] Using the following credentials");
|
Console.WriteLine("\n[+] Using the following credentials");
|
||||||
Console.WriteLine("Host: " + connectionString);
|
Console.WriteLine("Host: " + connectionString);
|
||||||
|
@ -76,7 +83,7 @@ namespace SharpLAPS
|
||||||
ldapConnection = new DirectoryEntry(connectionString, username, password, System.DirectoryServices.AuthenticationTypes.Secure);
|
ldapConnection = new DirectoryEntry(connectionString, username, password, System.DirectoryServices.AuthenticationTypes.Secure);
|
||||||
Console.WriteLine("\n[+] Extracting LAPS password from LDAP");
|
Console.WriteLine("\n[+] Extracting LAPS password from LDAP");
|
||||||
DirectorySearcher searcher = new DirectorySearcher(ldapConnection);
|
DirectorySearcher searcher = new DirectorySearcher(ldapConnection);
|
||||||
searcher.Filter = "(&(objectCategory=computer)(ms-MCS-AdmPwd=*))";
|
searcher.Filter = "(&(objectCategory=computer)(ms-MCS-AdmPwd=*)(sAMAccountName=" + target + "))";
|
||||||
|
|
||||||
// Iterate over all the credentials
|
// Iterate over all the credentials
|
||||||
List<string> output = new List<string>();
|
List<string> output = new List<string>();
|
||||||
|
|
Loading…
Reference in New Issue