NFSShell: Installation on Ubuntu simplified.

NFSShell is neat little tool that allows user level access to an NFS server and its NFS shares. It can be used by penetration testers to exploit known issues with the NFS Service typically associated with the port 2049/tcp. A whole host of vulnerabilities are associated with an NFS share being exposed.

 
The screenshot below shows several simple steps I took to view an NFS share available to mount on the 192.168.0.16 host. I then used the NFSShell tool to export and mount the shares to view the files hosted on the exposed share.

 
[[{"type":"media","view_mode":"media_large","fid":"329","attributes":{"alt":"","class":"media-image","height":"419","typeof":"foaf:Image","width":"480"}}]]
 

 

If you have ever Googled for instructions on how to install NFSShell on Ubuntu you might have noticed there aren’t a lot of references on how to do this easily. I found a small number of references online that provide installation instructions but they didn’t work well for me, although I was able to use them as a starting point. With a bit of tweaking this is what worked for me:

 

Platforms tested:

 

  • Ubuntu 12.04 32bit
  • Backtrack 5 R3 32bit.

 
Pop open a terminal and input the following commands:
 

1
2
3
4
5
6
sudo apt-get install libtirpc-dev libncurses-dev
wget http://www.cs.vu.nl/pub/leendert/nfsshell.tar.gz
tar zxvf nfsshell.tar.gz
cd nfs
sudo ln -s /usr/include/tirpc/rpc/clnt_soc.h /usr/include/rpc/clnt_soc.h
perl -p -i.orig -e 's/getline/getline_nfs/' nfs.c

Changing some text in the Makefile

Before you can run the make file and install NFSShell you need to make some changes. In your terminal enter:
 

nano Makefile

Comment the four lines following:
 

# uncomment the following 4 lines for Solaris 2.x

Then, uncomment the 3 lines following:
 

# uncomment the following 3 lines for linux (tested on 2.0.33/redhat 5)

To complete the process run the newly amended make file by entering the following into your terminal window:
 

make

Provided there are no errors, you have successfully compiled NFSShell. To test to see if your tool is working, type the following in your terminal whilst inside the nfs folder:
 

./nfs

 

Category: Network Security

We are Perspective Risk

Information security is crucial to every aspect of your business – operational efficiency, profitability, business continuity, customer confidence, brand loyalty, protection against fraud and meeting regulatory requirements.

Perspective Risk provides in-depth security assessments, risk management and compliance solutions to help you keep your confidential information safe and your critical systems secure. We’re innovative, flexible and supportive, helping you through any information security issues to deliver real business benefits and excellent value.