A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through many methods.
--delay
--filter-method-name
, by protocol name with --filter-protocol-name
or by pipe name with --filter-pipe-name
(all modes)--target
or a list of targets from a file with --targets-file
You can now install it from pypi (latest version is ) with this command:
sudo python3 -m pip install coercer
You want to assess the Remote Procedure Calls listening on a machine to see if they can be leveraged to coerce an authentication?
You want to exploit the Remote Procedure Calls on a remote machine to coerce an authentication to ntlmrelay or responder?
You are doing research and want to fuzz Remote Procedure Calls listening on a machine with various paths?
Pull requests are welcome. Feel free to open an issue if you want to add other features.