111 - NFS

Network File System

NFS is a distributed file system protocol for sharing over a network. Often used with UNIX operating systems and is predominantly insecure in its implementation. Portmapper and RPCbind both listen on port 111 and redirects clients to appropriate ports, often TCP 2049.

Scan with nmap or use NSE scripts to locate NFS shares

nmap -v -p 111 10.11.1.1-254
nmap -sV -p 111 --script=rpcinfo 10.11.1.1-254

Enumeration

nmap -p 111 --script nfs* $RHOST
nmap -sV -p 111 --script=rpcinfo $RHOST 
nmap -p 111 --script nfs* 10.11.1.72
rpcinfo -p $targetip
rpcbind $targetip

Mounting shares

showmount --exports $target_ip
mount -o nolock $target_ip:/ /mnt

If files aren't readable, you may be able to create a new user, then use sed to change the UUID of the user to match the requirements (su username)

Previous80/443 - HTTP(s)Next135 - RPC

Last updated 1 year ago