Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 12:43:23 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/24007-24008-24009-49152-pentesting-glusterfs.md

62 lines
4 KiB
Markdown
Raw Blame History

{% hint style="success" %}
Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Ondersteun HackTricks</summary>
* Kyk na die [**subskripsie planne**](https://github.com/sponsors/carlospolop)!
* **Sluit aan by die** 💬 [**Discord groep**](https://discord.gg/hRep4RUj7f) of die [**telegram groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Deel hacking truuks deur PRs in te dien na die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
# Basiese Inligting
**GlusterFS** is 'n **verspreide lêerstelsel** wat stoorplek van verskeie bedieners kombineer in een **geïntegreerde stelsel**. Dit stel jou in staat tot **arbitraire skaalbaarheid**, wat beteken dat jy maklik stoorbedieners kan byvoeg of verwyder sonder om die algehele lêerstelsel te ontwrig. Dit verseker hoë **beskikbaarheid** en **fouttoleransie** vir jou data. Met GlusterFS kan jy jou lêers benader asof dit plaaslik gestoor is, ongeag die onderliggende bediener infrastruktuur. Dit bied 'n kragtige en buigsame oplossing vir die bestuur van groot hoeveelhede data oor verskeie bedieners.
**Standaard poorte**: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (voorts)\
Vir die poort 49152, moet poorte wat met 1 vermeerder word oop wees om meer bakstene te gebruik. _Voorheen is die poort 24009 gebruik in plaas van 49152._
```
PORT STATE SERVICE
24007/tcp open rpcbind
49152/tcp open ssl/unknown
```
## Enumeration
Om met hierdie lêerstelsel te kommunikeer, moet jy die [**GlusterFS-kliënt**](https://download.gluster.org/pub/gluster/glusterfs/LATEST/) (`sudo apt-get install glusterfs-cli`) installeer.
Om die beskikbare volumes te lys en te monteer, kan jy gebruik maak van:
```bash
sudo gluster --remote-host=10.10.11.131 volume list
# This will return the name of the volumes
sudo mount -t glusterfs 10.10.11.131:/<vol_name> /mnt/
```
If you receive an **error trying to mount the filesystem**, you can check the logs in `/var/log/glusterfs/`
**Errors mentioning certificates** can be fixed by stealing the files (if you have access to the system):
* /etc/ssl/glusterfs.ca
* /etc/ssl/glusterfs.key
* /etc/ssl/glusterfs.ca.pem
En dit in jou masjien se `/etc/ssl` of `/usr/lib/ssl` gids te stoor (as 'n ander gids gebruik word, kyk vir lyne soortgelyk aan: "_could not load our cert at /usr/lib/ssl/glusterfs.pem_" in die logs) .
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
Reference in a new issue View git blame Copy permalink