# 3260 - Pentesting ISCSI
## Basic Information
From [Wikipedia](https://en.wikipedia.org/wiki/ISCSI):

> In computing, **iSCSI** is an acronym for **Internet Small Computer Systems Interface**, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. It provides block-level access to storage devices by carrying SCSI commands over a TCP/IP network. iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. It can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval.
>
> The protocol allows clients (called initiators) to send SCSI commands (CDBs) to storage devices (targets) on remote servers. It is a storage area network (SAN) protocol, allowing organizations to consolidate storage into storage arrays while providing clients (such as database and web servers) with the illusion of locally attached SCSI disks. It mainly competes with Fibre Channel, but unlike traditional Fibre Channel, which usually requires dedicated cabling, iSCSI can be run over long distances using existing network infrastructure.

**Default port:** 3260

```
PORT STATE SERVICE VERSION
3260/tcp open iscsi?
```
## Enumeration

```
nmap -sV --script=iscsi-info -p 3260 192.168.xx.xx
```
This script will indicate if authentication is required.
### [Brute force](../generic-methodologies-and-resources/brute-force.md#iscsi)
### [Mount ISCSI on Linux](https://www.synology.com/en-us/knowledgebase/DSM/tutorial/Virtualization/How\_to\_set\_up\_and\_use\_iSCSI\_target\_on\_Linux)

**Note:** You may find that when your targets are discovered, they are listed under a different IP address. This tends to happen if the iSCSI service is exposed via NAT or a virtual IP. In cases like these, `iscsiadm` will fail to connect. This requires two tweaks: one to the directory name of the node automatically created by your discovery activities, and one to the `default` file contained within this directory.

For example, you are trying to connect to an iSCSI target on 123.123.123.123 at port 3260. The server exposing the iSCSI target is actually at 192.168.1.2 but is exposed via NAT. `iscsiadm` will register the _internal_ address rather than the _public_ address:

```
iscsiadm -m discovery -t sendtargets -p 123.123.123.123:3260
192.168.1.2:3260,1 iqn.1992-05.com.emc:fl1001433000190000-3-vnxe
[...]
```
This command will create a directory in your filesystem like this:

```
/etc/iscsi/nodes/iqn.1992-05.com.emc:fl1001433000190000-3-vnxe/192.168.1.2\,3260\,1/
```
Within the directory, there is a `default` file with all the settings necessary to connect to the target.

1. Rename `/etc/iscsi/nodes/iqn.1992-05.com.emc:fl1001433000190000-3-vnxe/192.168.1.2\,3260\,1/` to `/etc/iscsi/nodes/iqn.1992-05.com.emc:fl1001433000190000-3-vnxe/123.123.123.123\,3260\,1/`
2. Within `/etc/iscsi/nodes/iqn.1992-05.com.emc:fl1001433000190000-3-vnxe/123.123.123.123\,3260\,1/default`, change the `node.conn[0].address` setting to point to 123.123.123.123 instead of 192.168.1.2. This can be done with a command such as `sed -i 's/192.168.1.2/123.123.123.123/g' /etc/iscsi/nodes/iqn.1992-05.com.emc:fl1001433000190000-3-vnxe/123.123.123.123\,3260\,1/default`

You can now mount the target as per the instructions in the link.

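
The address mismatch described in the note above can be read straight from the discovery output. The following is an added example, not part of the original page: `flag_portals` and `sample_discovery` are hypothetical helper names, and the sample lines are assembled from the discovery outputs shown on this page.

```bash
#!/usr/bin/env bash
# Added example: parse SendTargets discovery output and flag records whose
# advertised portal is not the address that was queried (NAT / virtual IP).
# Record format:  <addr>:<port>,<tpgt> <iqn>   (IPv6 addresses sit in [ ])

flag_portals() {    # $1 = address that was queried; discovery output on stdin
    awk -v queried="$1" '
    NF == 2 && $1 ~ /:[0-9]+,[0-9]+$/ {
        tpgt = $1; sub(/^.*,/, "", tpgt)                 # after last comma
        hostport = substr($1, 1, length($1) - length(tpgt) - 1)
        port = hostport; sub(/^.*:/, "", port)           # after last colon
        addr = substr(hostport, 1, length(hostport) - length(port) - 1)
        gsub(/^\[|\]$/, "", addr)                        # drop IPv6 brackets
        status = (addr == queried) ? "match" : "MISMATCH"
        # Last field uses the address,port,tpgt form of the node directory.
        printf "%s %s %s,%s,%s\n", status, $2, addr, port, tpgt
    }'
}

# Constructed sample, assembled from the discovery outputs on this page.
sample_discovery() {
    cat <<'EOF'
192.168.1.2:3260,1 iqn.1992-05.com.emc:fl1001433000190000-3-vnxe
123.123.123.123:3260,1 iqn.1992-05.com.emc:fl1001433000190000-3-vnxe
[2a01:211:7b7:1223:211:32ff:fea9:fab9]:3260,1 iqn.2000-01.com.synology:asd3.Target-1.d0280fd382
[...]
EOF
}

sample_discovery | flag_portals 123.123.123.123
```

Every `MISMATCH` line is a portal address that the target discloses to anyone able to run discovery against it, which is worth recording when reviewing what an exposed iSCSI service reveals about the internal network.
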
### [Mount ISCSI on Windows](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee338476\(v=ws.10\)?redirectedfrom=MSDN)
## **Manual enumeration**
```bash
sudo apt-get install open-iscsi
```
Example from [iscsiadm docs](https://ptestmethod.readthedocs.io/en/latest/LFF-IPS-P2-VulnerabilityAnalysis.html#iscsiadm):

First of all you need to **discover the target names** behind the IP:

```bash
iscsiadm -m discovery -t sendtargets -p 123.123.123.123:3260
123.123.123.123:3260,1 iqn.1992-05.com.emc:fl1001433000190000-3-vnxe
[2a01:211:7b7:1223:211:32ff:fea9:fab9]:3260,1 iqn.2000-01.com.synology:asd3.Target-1.d0280fd382
[fe80::211:3232:fab9:1223]:3260,1 iqn.2000-01.com.synology:Oassdx.Target-1.d0280fd382
```

_Note that it will show the **IP and port of the interfaces** where you can **reach** those **targets**. It can even **show internal IPs or different IPs** from the one you used._

Then **take the 2nd part of the printed string of each line** (_iqn.1992-05.com.emc:fl1001433000190000-3-vnxe_ from the first line) and **try to log in**:

```bash
iscsiadm -m node --targetname="iqn.1992-05.com.emc:fl1001433000190000-3-vnxe" -p 123.123.123.123:3260 --login
Logging in to [iface: default, target: iqn.1992-05.com.emc:fl1001433000190000-3-vnxe, portal: 123.123.123.123,3260] (multiple)
Login to [iface: default, target: iqn.1992-05.com.emc:fl1001433000190000-3-vnxe, portal: 123.123.123.123,3260] successful.
```

Then, you can **log out** using `--logout`:

```bash
iscsiadm -m node --targetname="iqn.1992-05.com.emc:fl1001433000190000-3-vnxe" -p 123.123.123.123:3260 --logout
Logging out of session [sid: 6, target: iqn.1992-05.com.emc:fl1001433000190000-3-vnxe, portal: 123.123.123.123,3260]
Logout of [sid: 6, target: iqn.1992-05.com.emc:fl1001433000190000-3-vnxe, portal: 123.123.123.123,3260] successful.
```

We can find **more information** about it by running the same command **without** any `--login`/`--logout` parameter:

```bash
iscsiadm -m node --targetname="iqn.1992-05.com.emc:fl1001433000190000-3-vnxe" -p 123.123.123.123:3260
# BEGIN RECORD 2.0-873
node.name = iqn.1992-05.com.emc:fl1001433000190000-3-vnxe
node.tpgt = 1
node.startup = manual
node.leading_login = No
iface.hwaddress = <empty>
iface.ipaddress = <empty>
iface.iscsi_ifacename = default
iface.net_ifacename = <empty>
iface.transport_name = tcp
iface.initiatorname = <empty>
iface.bootproto = <empty>
iface.subnet_mask = <empty>
iface.gateway = <empty>
iface.ipv6_autocfg = <empty>
iface.linklocal_autocfg = <empty>
iface.router_autocfg = <empty>
iface.ipv6_linklocal = <empty>
iface.ipv6_router = <empty>
iface.state = <empty>
iface.vlan_id = 0
iface.vlan_priority = 0
iface.vlan_state = <empty>
iface.iface_num = 0
iface.mtu = 0
iface.port = 0
node.discovery_address = 192.168.xx.xx
node.discovery_port = 3260
node.discovery_type = send_targets
node.session.initial_cmdsn = 0
node.session.initial_login_retry_max = 8
node.session.xmit_thread_priority = -20
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.nr_sessions = 1
node.session.auth.authmethod = None
node.session.auth.username = <empty>
node.session.auth.password = <empty>
node.session.auth.username_in = <empty>
node.session.auth.password_in = <empty>
node.session.timeo.replacement_timeout = 120
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.err_timeo.host_reset_timeout = 60
node.session.iscsi.FastAbort = Yes
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.session.iscsi.DefaultTime2Retain = 0
node.session.iscsi.DefaultTime2Wait = 2
node.session.iscsi.MaxConnections = 1
node.session.iscsi.MaxOutstandingR2T = 1
node.session.iscsi.ERL = 0
node.conn[0].address = 192.168.xx.xx
node.conn[0].port = 3260
node.conn[0].startup = manual
node.conn[0].tcp.window_size = 524288
node.conn[0].tcp.type_of_service = 0
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.auth_timeout = 45
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.HeaderDigest = None
node.conn[0].iscsi.DataDigest = None
node.conn[0].iscsi.IFMarker = No
node.conn[0].iscsi.OFMarker = No
# END RECORD
```

**There is a script to automate the basic subnet enumeration process available at** [**iscsiadm**](https://github.com/bitvijays/Pentest-Scripts/tree/master/Vulnerability\_Analysis/isciadm)
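
The node record printed above holds the settings a storage review cares about. The following is an added example, not part of the original page or of open-iscsi: `audit_record` and `sample_record` are hypothetical helper names, and the sample is a constructed subset of the record shown above. The record is the initiator's view, so `authmethod = None` combined with a successful login means the target accepted a session without CHAP.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): review an open-iscsi node
# record, i.e. the "key = value" lines printed by
# `iscsiadm -m node --targetname=<iqn> -p <portal>`, read from stdin.

audit_record() {
    awk -F ' = ' '
    /^#/ || NF < 2 { next }                  # BEGIN/END markers, commands
    { kv[$1] = $2 }
    END {
        am = "node.session.auth.authmethod"
        if (!(am in kv)) { print "INCOMPLETE: no " am " key"; exit }

        if (kv[am] != "CHAP")
            print "NO_AUTH: initiator logs in without CHAP (" am " = " kv[am] ")"
        else if (kv["node.session.auth.username_in"] == "<empty>")
            print "ONE_WAY_CHAP: no username_in, target is not authenticated"

        # CRC32C digests detect corruption in transit; they are not auth.
        hd = kv["node.conn[0].iscsi.HeaderDigest"]
        dd = kv["node.conn[0].iscsi.DataDigest"]
        if (hd == "None" || dd == "None")
            print "NO_DIGEST: HeaderDigest=" hd " DataDigest=" dd

        da = kv["node.discovery_address"]; ca = kv["node.conn[0].address"]
        if (da != ca)
            print "PORTAL_DIFFERS: discovered via " da ", connects to " ca
    }'
}

# Constructed sample: a subset of the record shown above.
sample_record() {
    cat <<'EOF'
# BEGIN RECORD 2.0-873
node.name = iqn.1992-05.com.emc:fl1001433000190000-3-vnxe
node.discovery_address = 192.168.xx.xx
node.session.auth.authmethod = None
node.session.auth.username = <empty>
node.session.auth.username_in = <empty>
node.conn[0].address = 192.168.xx.xx
node.conn[0].iscsi.HeaderDigest = None
node.conn[0].iscsi.DataDigest = None
# END RECORD
EOF
}

sample_record | audit_record
```
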
## **Shodan**
* `port:3260 AuthMethod`
## **References**

* [https://bitvijays.github.io/LFF-IPS-P2-VulnerabilityAnalysis.html](https://bitvijays.github.io/LFF-IPS-P2-VulnerabilityAnalysis.html)
* [https://ptestmethod.readthedocs.io/en/latest/LFF-IPS-P2-VulnerabilityAnalysis.html#iscsiadm](https://ptestmethod.readthedocs.io/en/latest/LFF-IPS-P2-VulnerabilityAnalysis.html#iscsiadm)