NFS

sudo nmap 10.129.14.128 -p111,2049 -sV -sC

More specific scripts:

sudo nmap --script nfs* 10.129.14.128 -sV -p111,2049

Mount it on local FS (Linux)

showmount -e 10.129.14.128

mkdir target-NFS
sudo mount -t nfs 10.129.14.128:/ ./target-NFS/ -o nolock

NFS file permissions are based on UID and GID like normal Linux FS permissions.

Enumerate the UID and GID using ls -l and those cna be replicated on local machine. (unless root_squash is enabled on the NFS config, then root owned files could not be editable)

Also useful to tranfer files with SUID flags to move laterally on the host.

Unmounting

sudo umount ./target-NFS

PreviousSamba (smb)NextDNS

Last updated 2 months ago