hacktricks/network-services-pentesting/24007-24008-24009-49152-pentesting-glusterfs.md
carlospolop f0e09e3f54 social
2023-03-06 00:16:20 +01:00

4.3 KiB

HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch Wed - 18.30(UTC) 🎙️ - 🎥 Youtube 🎥

Basic Information

GlusterFS is a distributed, arbitrarily scalable file system that aggregates storage components from several servers into one, uniform file system.

Default ports: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards)
For the port 49152, ports incremented by 1 need to be open to use more bricks. Previously the port 24009 was used instead of 49152.

PORT      STATE  SERVICE
24007/tcp open   rpcbind
49152/tcp open   ssl/unknown

Enumeration

To interact with this filesystem you need to install the GlusterFS client (sudo apt-get install glusterfs-cli).

To list and mount the available volumes you can use:

sudo gluster --remote-host=10.10.11.131 volume list
# This will return the name of the volumes

sudo mount -t glusterfs 10.10.11.131:/<vol_name> /mnt/

If you receive an error trying to mount the filesystem, you can check the logs in /var/log/glusterfs/

Errors mentioning certificates can be fixed by stealing the files (if you have access to the system):

  • /etc/ssl/glusterfs.ca
  • /etc/ssl/glusterfs.key
  • /etc/ssl/glusterfs.ca.pem

And storing them in your machine /etc/ssl or /usr/lib/ssl directory (if a different directory is used check for lines similar to: "could not load our cert at /usr/lib/ssl/glusterfs.pem" in the logs) .

HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch Wed - 18.30(UTC) 🎙️ - 🎥 Youtube 🎥