Penetration Testing mailing list archives
New tool release: NfSpy, a UID-spoofing NFS client
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 22 Jul 2011 12:08:38 -0500
NfSpy is a FUSE filesystem written in Python that automatically changes UID and GID to give you full access to any file on an NFS share. Use it to mount an NFS export and act as the owner of every file and directory.
Other features: * Use filehandles from packet captures instead of asking mountd. * Hide from sysadmins by immediately "unmounting" while retaining access* Specify port/protocol for NFS or Mountd if you don't have access to the portmapper
More info in the README at https://github.com/bonsaiviking/NfSpy Daniel Miller ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- New tool release: NfSpy, a UID-spoofing NFS client Daniel Miller (Jul 22)