Coercer :: Knowledge Base (KB)

Coercer

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.

Features

Core:
- Lists open SMB pipes on the remote machine (in modes scan authenticated and fuzz authenticated)
- Tries to connect on a list of known SMB pipes on the remote machine (in modes scan unauthenticated and fuzz unauthenticated)
- Calls one by one all the vulnerable RPC functions to coerce the server to authenticate on an arbitrary machine.
- Random UNC paths generation to avoid caching failed attempts (all modes)
- Configurable delay between attempts with --delay
Options:
- Filter by method name with --filter-method-name, by protocol name with --filter-protocol-name or by pipe name with --filter-pipe-name (all modes)
- Target a single machine --target or a list of targets from a file with --targets-file
- Specify IP address OR interface to listen on for incoming authentications. (modes scan and fuzz)
Exporting results
- Export results in SQLite format (modes scan and fuzz)
- Export results in JSON format (modes scan and fuzz)
- Export results in XSLX format (modes scan and fuzz)

sudo python3 -m pip install coercer

Coerce

Exploit Remote Procedure Calls (RPC).

Fuzz

For research purposes - fuzz Remote Procedure Calls (RPC).

Scan

Assess the Remote Procedure Calls (RPC) listening.