Skip to content

Commit 32e3a4b

Browse files
carlospolopcarlospolop
authored
Merge pull request #447 from darses/master
Add Windows LAPS check
2 parents cdb81d7 + a150d4a commit 32e3a4b

File tree

1 file changed

+9
-1
lines changed

1 file changed

+9
-1
lines changed

Diff for: winPEAS/winPEASbat/winPEAS.bat

+9-1
Original file line numberDiff line numberDiff line change
@@ -147,12 +147,20 @@ ECHO.
147147
CALL :T_Progress 1
148148

149149
:LAPSInstallCheck
150-
CALL :ColorLine " %E%33m[+]%E%97m LAPS installed?"
150+
CALL :ColorLine " %E%33m[+]%E%97m Legacy Microsoft LAPS installed?"
151151
ECHO. [i] Check what is being logged
152152
REG QUERY "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft Services\AdmPwd" /v AdmPwdEnabled 2>nul
153153
ECHO.
154154
CALL :T_Progress 1
155155

156+
:WindowsLAPSInstallCheck
157+
CALL :ColorLine " %E%33m[+]%E%97m Windows LAPS installed?"
158+
ECHO. [i] Check what is being logged: 0x00 Disabled, 0x01 Backup to Entra, 0x02 Backup to Active Directory
159+
REG QUERY "HKEY_LOCAL_MACHINE\Software\Microsoft\Policies\LAPS" /v BackupDirectory 2>nul
160+
REG QUERY "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\LAPS" /v BackupDirectory 2>nul
161+
ECHO.
162+
CALL :T_Progress 1
163+
156164
:LSAProtectionCheck
157165
CALL :ColorLine " %E%33m[+]%E%97m LSA protection?"
158166
ECHO. [i] Active if "1"

0 commit comments

Comments
 (0)