LINUX - NFS
- Layout for this exercise:
- NFS (Network File System) is a service available on Linux systems, which function is to allow users manage of shared folders over a network. In case of misconfiguration NFS might convert into a serious vulnerability allowing attackers access to the whole system.
- The attacker discover the NFS service running on port 2049:
- showmount displays a list of exported directories from a specific machine, in this case the vulnerable victim's IP.
- The result (/*) shows that even the root directory at the victim is shared, which it is actually a huge security breach, because the whole system is available to be shared by any attacker.
- As a consequence, the filesystem accessed with showmount can be mounted or attached into a temporary folder at the attacker's machine. The option nolock ensures disabling file locking:
- A a result, the attacker can see locally the whole content of the remote system:
- For instance, etc/passwd is obtained by the attacker: