MS-FSRVP coercion abuse PoC

MS-FSRVP coercion abuse PoC

Credits: Gilles LIONEL (a.k.a. Topotam)


MS Docs:

“File Server VSS Agent Service” needs to be enabled on the target server. -d "domain" -u "user" -p "password" LISTENER TARGET

In my tests, the coercion needed to be attempted twice in order to work when the FssAgent hadn’t been requested in a while. TL;DR: run the command twice if it doesn’t work.


View Github

Will this Minecraft minelayer / prismarines bot work?

Who is 'good enough to play for Real Madrid'? - Garth Crooks' team of the year thumbnail

Who is ‘good enough to play for Real Madrid’? – Garth Crooks’ team of the year