3.7 KiB

Raw Blame History

Support HackTricks and get benefits!

Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!

Discover The PEASS Family, our collection of exclusive NFTs

Get the official PEASS & HackTricks swag

Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.

Share your hacking tricks submitting PRs to the hacktricks github repo.

24007,24008,24009,49152 - Pentesting GlusterFS

Basic Information

GlusterFS is a distributed, arbitrarily scalable file system that aggregates storage components from several servers into one, uniform file system.

Default ports: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards)
For the port 49152, ports incremented by 1 need to be open to use more bricks. Previously the port 24009 was used instead of 49152.

PORT      STATE  SERVICE
24007/tcp open   rpcbind
49152/tcp open   ssl/unknown

Enumeration

To interact with this filesystem you need to install the GlusterFS client (sudo apt-get install glusterfs-cli).

To list and mount the available volumes you can use:

sudo gluster --remote-host=10.10.11.131 volume list
# This will return the name of the volumes

sudo mount -t glusterfs 10.10.11.131:/<vol_name> /mnt/

If you receive an error trying to mount the filesystem, you can check the logs in /var/log/glusterfs/

Errors mentioning certificates can be fixed by stealing the files (if you have access to the system):

/etc/ssl/glusterfs.ca
/etc/ssl/glusterfs.key
/etc/ssl/glusterfs.ca.pem

And storing them in your machine /etc/ssl or /usr/lib/ssl directory (if a different directory is used check for lines similar to: "could not load our cert at /usr/lib/ssl/glusterfs.pem" in the logs) .