Metasploitable 2: Compromise – NFS Shares

Our Nessus scan results show an interesting vulnerability:

 Medium (5.0) 42256 NFS Shares World Readable

It’s only got a medium risk rating but who knows what data is in there.

Lets connect to it from our Kali box. There are various ways you could do this – here we can simply point the file browser at the box by specifying the system in the connect window:



Connect NFS Metasploitable

Hit connect and we are in the root of the filesystem without any prompt for authentication:


We can take this further now by trying to grab the account password hashes from the system and then cracking them with something like John the Ripper.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s