1.9 KiB
NFS Enumeration
The Network File System (NFS) is a distributed file system protocol that allows clients in a network to access and interact with files and directories on remote servers as if they were local. Developed by Sun Microsystems in the 1980s, NFS is designed to enable efficient sharing and management of files across different operating systems and platforms.
NFS operates based on a client-server model, where the client is the system that requests access to files or directories, and the server is the system that holds and manages these resources. The NFS protocol defines a set of operations that clients can use to perform file-related tasks, such as reading, writing, creating, deleting, and listing files and directories.
Find NFS Shares on the Network
NFS provides a level of transparency to the user and applications. Remote files and directories are accessed just like local ones, with no need for the user to be aware of the underlying network communication. You just have to find the shares.
You can look for NFS mounts on a network using the following command
rpcinfo -p $TARGET_IP
or another alternative is
showmount -e $TARGET_IP
Mount NFS Shares
Clients can "mount" remote directories onto their local file system, making the remote files and directories appear as if they are part of the client's own file system hierarchy.
Mount a share via the following command
mkdir /tmp/nfsfiles
mount -t nfs -o nolock $TARGET_IP: /tmp/nfsfiles
User ID
The now mounted share got the same user permissions as on the original machine you connected to. That means you might want to create a user following the same uid or the same gid to get permissions to open the directory.
If the permissions of the directory inside the mounted NFS share are set for uid 1003 it would look like the following example
sudo useradd nfsuser -u 1003 -m -s /bin/bash