Port 111 - RPCBind

Portmapper and RPCbind could be running.

nmap -sV -p 111 --script=rpcinfo 10.11.1.1-254

Can often enumerate RPC.

If nmap finds a mount, try to mount it locally.

kali@kali:~$ mkdir home kali@kali:~$ sudo mount -o nolock 10.11.1.72:/home ~/home/ kali@kali:~$ cd home/ && ls

NB: If any of the hosted files are locked, can create a new kali user (adduser), then add them to whatever UUID needed to access the file.

Setting New UUID:

sudo sed -i -e 's/1001/1014/g' /etc/passwd (numbers represent groups, 1014 being the one needing to be added for permission)

adduser nemo

sed -i -e 's/1001/1014/g' /etc/passwd

cat /etc/passwd | grep nemo

Last updated 3 years ago