4.3 KiB
HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥
-
Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
-
Discover The PEASS Family, our collection of exclusive NFTs
-
Get the official PEASS & HackTricks swag
-
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.
-
Share your hacking tricks by submitting PRs to the hacktricks repo and hacktricks-cloud repo.
Basic Information
GlusterFS is a distributed, arbitrarily scalable file system that aggregates storage components from several servers into one, uniform file system.
Default ports: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards)
For the port 49152, ports incremented by 1 need to be open to use more bricks. Previously the port 24009 was used instead of 49152.
PORT STATE SERVICE
24007/tcp open rpcbind
49152/tcp open ssl/unknown
Enumeration
To interact with this filesystem you need to install the GlusterFS client (sudo apt-get install glusterfs-cli
).
To list and mount the available volumes you can use:
sudo gluster --remote-host=10.10.11.131 volume list
# This will return the name of the volumes
sudo mount -t glusterfs 10.10.11.131:/<vol_name> /mnt/
If you receive an error trying to mount the filesystem, you can check the logs in /var/log/glusterfs/
Errors mentioning certificates can be fixed by stealing the files (if you have access to the system):
- /etc/ssl/glusterfs.ca
- /etc/ssl/glusterfs.key
- /etc/ssl/glusterfs.ca.pem
And storing them in your machine /etc/ssl
or /usr/lib/ssl
directory (if a different directory is used check for lines similar to: "could not load our cert at /usr/lib/ssl/glusterfs.pem" in the logs) .
HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥
-
Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
-
Discover The PEASS Family, our collection of exclusive NFTs
-
Get the official PEASS & HackTricks swag
-
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.
-
Share your hacking tricks by submitting PRs to the hacktricks repo and hacktricks-cloud repo.