A BOF tool that can be used to dump LAPS passwords from specified computers within Active Directory.
- Make sure that Mingw-w64 (including mingw-w64-binutils) has been installed.
- Enter the SOURCE folder within the tool folder.
- Type "make" to compile the object files.
- Use Cobal Strike script manager to import the
Lapsdump.cnascript.
Running the tools is straightforward. Once you imported the CNA script using Cobalt Strike's Script Manager, they are available as Cobalt Strike commands that can be executed within a beacon. This tools supports the following commands:
Lapsdump [Computername]
To be able to dump LAPS password, elevated privileges are needed within the Active Directory environment.
This BOF tool has been successfully compiled on Mac OSX systems and used on Windows 8.1+ (x64) systems. Compiling the BOF code should also work on other systems (Linux, Windows) that have the Mingw-w64 compiler installed.