Add enhancement in issue p0dalirius#75

p0rtL6 · Jan 17, 2025 · a092bfe · a092bfe
1 parent 9bad64a
commit a092bfe
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/coercer/__main__.py b/coercer/__main__.py
@@ -70,6 +70,7 @@ def parseArgs():
     mode_scan_targets_listener = mode_scan.add_mutually_exclusive_group(required=False)
     mode_scan_targets_listener.add_argument("-i", "--interface", default=None, help="Interface to listen on incoming authentications.")
     mode_scan_targets_listener.add_argument("-I", "--ip-address", default=None, help="IP address to listen on incoming authentications.")
+    mode_scan_targets_listener.add_argument("--path-ip", default=None, help="IP address to use when generating exploit paths.")
     # Logging
     mode_scan_logging = mode_scan.add_argument_group("Logging")
     mode_scan_logging.add_argument("--minimum-log-level", default=0, help="Minimum logging level (integer).")
@@ -115,6 +116,7 @@ def parseArgs():
     mode_fuzz_targets_listener = mode_fuzz.add_mutually_exclusive_group(required=False)
     mode_fuzz_targets_listener.add_argument("-i", "--interface", default=None, help="Interface to listen on incoming authentications.")
     mode_fuzz_targets_listener.add_argument("-I", "--ip-address", default=None, help="IP address to listen on incoming authentications.")
+    mode_fuzz_targets_listener.add_argument("--path-ip", default=None, help="IP address to use when generating exploit paths.")
     # Logging
     mode_fuzz_logging = mode_fuzz.add_argument_group("Logging")
     mode_fuzz_logging.add_argument("--minimum-log-level", default=0, help="Minimum logging level (integer).")

diff --git a/coercer/core/tasks/execute.py b/coercer/core/tasks/execute.py
@@ -85,11 +85,14 @@ def connect_function(dcerpc, target, taskEntry):
 
                                     exploitpath = generate_exploit_path_from_template(
                                         template=exploitpath,
-                                        listener=listening_ip or options.listener_ip,
+                                        listener=options.path_ip or listening_ip or options.listener_ip,
                                         http_listen_port=http_listen_port if mode == Modes.FUZZ else options.http_port,
                                         smb_listen_port=options.smb_port
                                     )
 
+                                    if options.path_ip:
+                                        reporter.print_info("      ", "Using user provided path: %s" % exploitpath, debug=True)
+
                                     msprotocol_rpc_instance = msprotocol_class(path=exploitpath)
                                     dcerpc = DCERPCSession(credentials=credentials)
                                     connect_function(dcerpc, target, taskEntry)