Skip to content

2049 - Pentesting nfs

NFS (Network File System) is a protocol for file sharing between computers over a network. It allows a computer to access files on another computer as if they were on its own local hard drive. NFS was developed by Sun Microsystems in the 1980s and is now maintained by the Internet Assigned Numbers Authority (IANA).


sudo nmap -sU -sT -sC -sV -p 2049 $IP
nmap -p 2049 --script=nfs-ls $IP         # List NFS exports and check permissions
nmap -p 2049 --script=nfs-showmount $IP  # Like showmount -e
nmap -p 2049 --script=nfs-statfs $IP     # Disk statistics and info from NFS share


To know which folder has the server available to mount you an ask it using

sudo apt install -y nfs-common
showmount -e $IP

Then mount it using

mkdir -p /tmp/nfs_hacked
sudo mount -t nfs $IP:/home /tmp/nfs_hacked
sudo umount /tmp/nfs_hacked