Metasploitable

Metasploitable – Exploiting nfs

root@kali:~# nmap -sV 192.168.49.201 -n -p 2049 -sC

 

List the directories available for export / mounting:

Let’s create a mount point and mount / of the target.

Successfully mounted.

Well, get the shadow file.

Leave cracking passwords for later, and let’s get ssh keys.

Add the public key to target’s root ssh known_hosts file. This will allow us to use msfadmin’s private key and get direct ssh access as root.

 

Leave a Reply

Your email address will not be published. Required fields are marked *