Constant connections and odd binaries running on systems usually get caught pretty quickly in CCDC events. However, NFS exports are hardly ever noticed. Setting it up on an Ubuntu/Debian box is a snap and given the right directory and permissions can lead you right back to getting shell any time you want without a constant connection. Plus, NFS blends right in and can listen on TCP and/or UDP (2049)
Here is a quick how-to on setting up NFS
https://help.ubuntu.com/community/SettingUpNFSHowTo
I'm sure you can think of much more evil locations but /etc/, /var/www/, and /root/ are some of my favorite exports, but there is no reason why you couldn't just export '/' that I know of. (NFSd might not permit it)
Remember to change the NFS settings so that it runs as root and you are golden.
-Regards,
blog-windows blog
(Googlethewebsite.blogspot.com/blog-windows.blogspot.com)
0 Response to "Creating Vulnerabilities: NFS Exports"
Post a Comment