-
Notifications
You must be signed in to change notification settings - Fork 14
NFS Enumeration
lethanhtung01011980 edited this page Jan 7, 2020
·
12 revisions
- To scan for NFS share
- apt-get install nfs-common
nmap -sV --script=nfs* victim-ip -T4
nmap -sV --script=nfs-ls victim-ip
showmount -e victim-ip
By enabling the root_squash, we can’t just get root privileges on the remote filesystem.
However, no_all_squash is enabled we can be authorized as any other user.
- If already in the system:
cat /etc/exports
/var/nfsshare *(rw,sync,root_squash,no_all_squash)
/opt *(rw,sync,root_squash,no_all_squash)
To create user with uid and gid as owner of NFS folder in Victim PC.
- mkdir /tmp/nfsshare
- mount -t nfs -o vers=3 victim-ip:/var/nfsshare /tmp/nfsshare
- NFS ver 3 don't have authentication.