Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00
Code Issues Projects Releases Packages Wiki Activity

HAC nfs

Browse source
This commit is contained in:
CoolHandSquid 2021-08-12 08:55:42 -04:00 committed by GitHub
parent e1cdfc3cdc
commit 9a08be6f97
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
pentesting/nfs-service-pentesting.md
View file

@ -70,3 +70,30 @@ To easily list, mount and change UID and GID to have access to files you can use
[NFS no\_root\_squash and no\_all\_squash privilege escalation](../linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe.md)
## HackTricks Automatic Commands
```
Protocol_Name: NFS #Protocol Abbreviation if there is one.
Port_Number: 2049 #Comma separated if there is more than one.
Protocol_Description: Network File System #Protocol Abbreviation Spelled out
Name: Notes
Description: Notes for NFS
Note: """
It is a client/server system that allows users to access files across a network and treat them as if they resided in a local file directory.
#apt install nfs-common
showmount 10.10.10.180 ~or~showmount -e 10.10.10.180
should show you available shares (example /home)
mount -t nfs -o ver=2 10.10.10.180:/home /mnt/
cd /mnt
nano into /etc/passwd and change the uid (probably 1000 or 1001) to match the owner of the files if you are not able to get in
https://book.hacktricks.xyz/pentesting/nfs-service-pentesting
"""
Name: Nmap
Description: Nmap with NFS Scripts
Command: """nmap --script=nfs-ls.nse,nfs-showmount.nse,nfs-status.nse -p 2049 {IP}"""
```