Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update LAPS schema #68

Merged
merged 2 commits into from
Aug 16, 2023
Merged

Update LAPS schema #68

merged 2 commits into from
Aug 16, 2023

Conversation

spyr0-sec
Copy link
Contributor

Description

In April 2023, MS released their new iteration of LAPS which included a refactor of the LAPS attributes on Computer objects. Currently SharpHound looks for the ms-acs-admpwdexpirationtime which is now know as msLAPS-PasswordExpirationTime. Therefore this PR is to add that LDAP property and change HasLAPS() logic to return true if the computer object possesses either of this attributes.

Motivation and Context

Testing CE in a lab with LAPS configured was not returning any objects with haslaps = True

How Has This Been Tested?

This has not been tested, however this is a (hopefully) simple change which will not break anything.

Types of changes

  • Chore (a change that does not modify the application functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • Documentation updates are needed, and have been made accordingly.
  • I have added and/or updated tests to cover my changes.
  • All new and existing tests passed.
  • My changes include a database migration.

@github-actions
Copy link

github-actions bot commented Aug 15, 2023

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

@spyr0-sec
Copy link
Contributor Author

I have read the CLA Document and I hereby sign the CLA

@rvazarkar
Copy link
Contributor

Adding this here for reference: https://learn.microsoft.com/en-us/windows-server/identity/laps/laps-technical-reference

The new attribute checks out

Copy link
Contributor

@rvazarkar rvazarkar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Double checked for any references and this looks good to me!

@rvazarkar rvazarkar merged commit 4ddf1b2 into SpecterOps:main Aug 16, 2023
@github-actions github-actions bot locked and limited conversation to collaborators Aug 16, 2023
@spyr0-sec spyr0-sec deleted the update-laps-schema branch August 16, 2023 21:11
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants