NFS
NFS Enumeration Cheat Sheet¶
Basic NFS Commands¶
| Options | Commands | Description |
|---|---|---|
showmount -e $target | Display the NFS exports on the target server | |
mount -t nfs $target:/export /mnt/nfs | Mount an NFS export to a local directory | |
-o ro | mount -t nfs -o ro $target:/export /mnt/nfs | Mount an NFS export in read-only mode |
umount /mnt/nfs | Unmount the NFS share |
Common NFS Commands¶
| Options | Commands | Description |
|---|---|---|
df -hT | Check the type and usage of all mounted filesystems, including NFS shares | |
exportfs -v | Display local NFS exports and their options | |
nfsstat -c | Show NFS client statistics | |
nfsstat -s | Show NFS server statistics |
NFS Enumeration Tools¶
| Options | Commands | Description |
|---|---|---|
nmap -p 2049 --script nfs-ls,nfs-statfs,nfs-showmount $target | Enumerate NFS shares, directories, and filesystem statistics using Nmap scripts | |
enum4linux-ng -N $target | Enumerate NFS exports and information using enum4linux-ng | |
nfs-common-tools | A collection of NFS tools for enumeration and interaction with NFS shares |
Mounting NFS with Specific Options¶
| Options | Commands | Description |
|---|---|---|
-o nolock | mount -t nfs -o nolock $target:/export /mnt/nfs | Mount NFS without file locking (useful for some older servers) |
-o soft | mount -t nfs -o soft $target:/export /mnt/nfs | Mount NFS with a soft timeout (useful if the server may become unresponsive) |
-o vers=3 | mount -t nfs -o vers=3 $target:/export /mnt/nfs | Mount NFS using a specific version, e.g., NFSv3 |
NFS Access Control and Security¶
| Options | Commands | Description |
|---|---|---|
exportfs -r | Re-export all NFS directories after editing /etc/exports | |
iptables -A INPUT -p tcp --dport 2049 -j ACCEPT | Allow NFS traffic through the firewall | |
rpcinfo -p $target | List all RPC services (including NFS) running on the target server |