search
DiscordHackTheBoxTryHackMeGitHub

NFS

hashtag
ABOUT

Network File System (NFS) is a network file system developed by Sun Microsystems and has the same purpose as SMB. Its purpose is to access file systems over a network as if they were local. NFS is used between Linux and Unix systems. This means that NFS clients cannot communicate directly with SMB servers. The /etc/exports file contains a table of physical filesystems on an NFS server accessible by the clients.

hashtag
Dangerous Settings

  • rw - Read and write permissions.

  • insecure - Ports above 1024 will be used.

  • nohide - If another file system was mounted below an exported directory, this directory is exported by its own exports entry.

  • no_root_squash - All files created by root are kept with the UID/GID 0.

hashtag
Tips2Hack

  1. Basic nmap footprinting

sudo nmap --script nfs* 13.13.13.13 -sV -p111,2049

  1. Show available NFS shares

showmount -e 13.13.13.13

  1. Mounting & Unmounting NFS shares

> mkdir target-NFS
> sudo mount -t nfs 13.13.13.13:/ ./target-NFS/ -o nolock
> sudo umount ./target-NFS
PreviousSMBNextSSH

Last updated