26 July 2011 | 11,278 views

NfSpy – ID-spoofing NFS Client – Falsify NFS Credentials

Secure Your Website with Acunetix

NfSpy is a FUSE filesystem written in Python that automatically changes UID and GID to give you full access to any file on an NFS share. Use it to mount an NFS export and act as the owner of every file and directory.

Vulnerability Exploited

NFS before version 4 is reliant upon host trust relationships for authentication. The NFS server trusts any client machines to authenticate users and assign the same user IDs (UIDS) that the shared filesystem uses. This works in NIS, NIS+, and LDAP domains, for instance, but only if you know the client machine is not compromised, or faking its identity. This is because the only authentication in the NFS protocol is the passing of the UID and GID (group ID). There are a few things that can be done to enhance the security of NFS, but many of them are incomplete solutions, and even with them implemented, it could still be possible to circumvent the security measures.

Features

  • Use filehandles from packet captures instead of asking mountd.
  • Hide from sysadmins by immediately “unmounting” while retaining access
  • Specify port/protocol for NFS or Mountd if you don’t have access to the portmapper

You can download NfSpy here:

NfSpy.zip

Or read more here.





                

Recent in Hacking Tools:
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- Capstone – Multi-platform, Multi-architecture Disassembly Framework

Related Posts:
- NfSpy – ID-spoofing NFS Client Tool – Mount NFS Shares Without Account
- Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions
- XMPPloit – A Tool to Attack XMPP Connections

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,845,008 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,030,400 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,353 views

Low-cost VPS Hosting

Comments are closed.