Exploit Notes
Exploit Notes

Exploits related to Network

Protocol

Dynamic Host Configuration Protocol (DHCP) Pentesting
FTP (File Transfer Protocol) Pentesting
IRC (Internet Relay Chat) Pentesting
Memcache Pentesting
Modbus Pentesting
NFS (Network File System) Pentesting
NTP (Network Time Protocol) Pentesting
RTSP (Real Time Streaming Protocol) Pentesting
Restricted Shell (rbash, rzsh) Bypass
SNMP (Simple Network Management Protocol) Pentesting
SSH (Secure Shell) Pentesting
TFTP (Trivial File Transfer Protocol) Pentesting
Telnet Pentesting
UPnP (Universal Plug and Play) Pentesting
VNC (Virtual Network Computing) Pentesting
WASTE Pentesting

Port Forwarding

Port Forwarding with Chisel
Port Forwarding with Plink
Port Forwarding with SSH
Port Forwarding with Socat

WiFi

MITM (Man in the Middle) Attack
WiFi Hacking

Tool

Tshark
Wireshark

VPN

IPsec VPN Pentesting
OpenVPN Hacking

Others

ARP (Address Resolution Protocol) Spoofing
EthernetIP Pentesting
Firewall
Honeypots
MAC Flooding Attack
Network Traffic Analysis (NTA)
Networking
Rsync Pentesting
Tor

NFS (Network File System) Pentesting

Last modified: 2022-12-25

Network

NFS is a distributed file system protocol that allows a user on a client computer to access files over a computer network much like local storage is accessed. Default ports are 111, 2049.

Enumeration

nmap --script=nfs-ls,nfs-statfs,nfs-showmount -p 111,2049 <target-ip>

Mounting Folders

1. Check if there are folders avaiable to mount in remote machine.

showmount -e <target-ip>

By the way, If you get error "showmount: command not found", install "nft-common".

apt-cache search showmount
sudo apt install nfs-common

2. Mount to local folder

If we find a folder available, we can mount it to local folder.
Create a new folder under /mnt.

sudo mkdir /mnt/test

Now mount a folder.

# -t: Type
# -o nolock: Option. 'nolock' disables file locking. It's required for older NFS servers.
sudo mount -t nfs <target-ip>:/target/dir /mnt/test -o nolock

# -o vers=2: 
sudo mount -t nfs <target-ip>:/target/dir /mnt/test -o nolock -o vers=2

3. Confirm mounting successfully

ls /mnt/test

4. Clean up the mounted folder after investigation

sudo umount /mnt/test
sudo rm -r /mnt/test
Twitter GitHub

Tools by HDKS

Fuzzagotchi

Automatic web fuzzer.

aut0rec0n

Auto reconnaissance CLI.

Hash Cracker

Hash identifier.