LINUX - NFS
- Layout for this exercise:

- NFS (Network File System) is a service available on Linux systems, which function is to allow users manage of shared folders over a network. In case of misconfiguration NFS might convert into a serious vulnerability allowing attackers access to the whole system.
- The attacker discover the NFS service running on port 2049:

- showmount displays a list of exported directories from a specific machine, in this case the vulnerable victim's IP.

- The result (/*) shows that even the root directory at the victim is shared, which it is actually a huge security breach, because the whole system is available to be shared by any attacker.
- As a consequence, the filesystem accessed with showmount can be mounted or attached into a temporary folder at the attacker's machine. The option nolock ensures disabling file locking:


- A a result, the attacker can see locally the whole content of the remote system:

- For instance, etc/passwd is obtained by the attacker:
