hacktricks/pentesting/24007-24008-24009-49152-pentesting-glusterfs.md

# 24007,24008,24009,49152 - Pentesting GlusterFS

## Basic Information

**GlusterFS** is a **distributed**, arbitrarily scalable **file system** that aggregates storage components from **several servers into one**, uniform file system.

**Default ports**: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards)\
For the port 49152, ports incremented by 1 need to be open to use more bricks. _Previously the port 24009 was used instead of 49152._

```
PORT      STATE  SERVICE
24007/tcp open   rpcbind
49152/tcp open   ssl/unknown
```

### Enumeration

To interact with this filesystem you need to install the [**GlusterFS client**](https://download.gluster.org/pub/gluster/glusterfs/LATEST/) **** (`sudo apt-get install glusterfs-cli`).

To list and mount the available volumes you can use:

```bash
sudo gluster --remote-host=10.10.11.131 volume list
# This will return the name of the volumes

sudo mount -t glusterfs 10.10.11.131:/<vol_name> /mnt/
```

If you receive an **error trying to mount the filesystem**, you can check the logs in `/var/log/glusterfs/`

**Errors mentioning certificates** can be fixed by stealing the files (if you have access to the system):

* /etc/ssl/glusterfs.ca
* /etc/ssl/glusterfs.key
* /etc/ssl/glusterfs.ca.pem

And storing them in your machine `/etc/ssl` or `/usr/lib/ssl` directory (if a different directory is used check for lines similar to: "_could not load our cert at /usr/lib/ssl/glusterfs.pem_" in the logs) .
GitBook: [#2984] No subject 2022-02-03 02:15:45 +00:00			`# 24007,24008,24009,49152 - Pentesting GlusterFS`

			`## Basic Information`

			`GlusterFS is a distributed, arbitrarily scalable file system that aggregates storage components from several servers into one, uniform file system.`

			`Default ports: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards)\`
			`For the port 49152, ports incremented by 1 need to be open to use more bricks. _Previously the port 24009 was used instead of 49152._`

			```
			`PORT STATE SERVICE`
			`24007/tcp open rpcbind`
			`49152/tcp open ssl/unknown`
			```

			`### Enumeration`

			To interact with this filesystem you need to install the [GlusterFS client](https://download.gluster.org/pub/gluster/glusterfs/LATEST/) **** (`sudo apt-get install glusterfs-cli`).

			`To list and mount the available volumes you can use:`

			```bash
			`sudo gluster --remote-host=10.10.11.131 volume list`
			`# This will return the name of the volumes`

			`sudo mount -t glusterfs 10.10.11.131:/<vol_name> /mnt/`
			```

			If you receive an error trying to mount the filesystem, you can check the logs in `/var/log/glusterfs/`

			`Errors mentioning certificates can be fixed by stealing the files (if you have access to the system):`

			`* /etc/ssl/glusterfs.ca`
			`* /etc/ssl/glusterfs.key`
			`* /etc/ssl/glusterfs.ca.pem`

			And storing them in your machine `/etc/ssl` or `/usr/lib/ssl` directory (if a different directory is used check for lines similar to: "_could not load our cert at /usr/lib/ssl/glusterfs.pem_" in the logs) .