search

Unauthorized Access Vulnerability in NFS

hashtag
Vulnerability Description

NFS (Network File System) is a network file system that allows sharing of files across different network hosts. When the NFS server is not properly configured or lacks access control mechanisms, there may be an unauthorized access vulnerability. Attackers can use this vulnerability to access files and data on the affected host, and even modify or delete sensitive information.

hashtag
Environment Setup

# Install nfs service
yum install nfs-utils.x86_64 -y

# Start the service
systemctl start nfs-server.service

# Set up auto-start
systemctl enable rpcbind.service
systemctl enable nfs-server.service

# Configure nfs
vim /etc/exports

/ *(rw,sync,no_root_squash)

# Start sharing
exportfs -r

hashtag
Vulnerability Exploitation

View sharing

Client mount command

Scan nfs

View the mounted directory, all the files under the / directory will appear

image-20230130132416011
PreviousUnauthorized Access Vulnerability in MemcachedNextUnauthorized Access Vulnerability in Redis

Last updated