A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through many methods.
To build a binary for Windows, download the installer.ps1
script from this repository. Run it simply with no arguments to create a binary in the working directory. Use -h
or --help
for the help menu with options.
--delay
--filter-method-name
, by protocol name with --filter-protocol-name
or by pipe name with --filter-pipe-name
(all modes)--target
or a list of targets from a file with --targets-file
You can now install it from pypi (latest version is ) with this command:
sudo python3 -m pip install coercer
Coercer uses argcomplete to autogenerate tab completions for your shell (bash, zsh, fish, …).
See the argcomplete
README for how to enable tab completions.
You want to assess the Remote Procedure Calls listening on a machine to see if they can be leveraged to coerce an authentication?
You want to exploit the Remote Procedure Calls on a remote machine to coerce an authentication to ntlmrelay or responder?
You are doing research and want to fuzz Remote Procedure Calls listening on a machine with various paths?
Pull requests are welcome. Feel free to open an issue if you want to add other features.