darnellkeith/PEASS-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Windows LAPS check to winPEAS.bat

Browse Source
This commit is contained in:
darses 2024-11-28 19:37:58 +01:00
parent cdb81d7eb4
commit a150d4a022
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
winPEAS/winPEASbat/winPEAS.bat
View File

@ -147,12 +147,20 @@ ECHO.
CALL :T_Progress 1 CALL :T_Progress 1
:LAPSInstallCheck :LAPSInstallCheck
CALL :ColorLine " %E%33m[+]%E%97m LAPS installed?" CALL :ColorLine " %E%33m[+]%E%97m Legacy Microsoft LAPS installed?"
ECHO. [i] Check what is being logged ECHO. [i] Check what is being logged
REG QUERY "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd" /v AdmPwdEnabled 2>nul REG QUERY "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd" /v AdmPwdEnabled 2>nul
ECHO. ECHO.
CALL :T_Progress 1 CALL :T_Progress 1
:WindowsLAPSInstallCheck
CALL :ColorLine " %E%33m[+]%E%97m Windows LAPS installed?"
ECHO. [i] Check what is being logged: 0x00 Disabled, 0x01 Backup to Entra, 0x02 Backup to Active Directory
REG QUERY "HKEY_LOCAL_MACHINE\Software\Microsoft\Policies\LAPS" /v BackupDirectory 2>nul
REG QUERY "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\LAPS" /v BackupDirectory 2>nul
ECHO.
CALL :T_Progress 1
:LSAProtectionCheck :LSAProtectionCheck
CALL :ColorLine " %E%33m[+]%E%97m LSA protection?" CALL :ColorLine " %E%33m[+]%E%97m LSA protection?"
ECHO. [i] Active if "1" ECHO. [i] Active if "1"