Network File System
https://resources.infosecinstitute.com/exploiting-nfs-share/
https://blog.christophetd.fr/write-up-vulnix/
https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe
Discover rpcbind:
$ sudo nmap -sV --script rpcinfo 10.10.13.37 -p111
Run Nmap scripts:
$ sudo nmap -sV --script 'nfs*' 10.10.13.37 -p2049
$ showmount -e 10.10.13.37 $ sudo mount -v -t nfs -o vers=3 -o nolock -o user=snovvcrash,pass='Passw0rd!' 10.10.13.37:/home /mnt/nfs
Last updated 3 years ago
