Network File System (NFS) is a convenient way to share files over a network providing centralized management. However, NFS can be difficult to secure and is most viable within trusted networks. This Lab illustrates how easy it can be for an attacker to discover and exploit an insecure NFS file share.
You will use Kali Linux as the platform for launching the attack. Kali Linux includes a variety of security analysis tools by default. The target is a Metasploitable 2 Linux host. Both hosts are running as virtual machines in a Hyper-V virtual environment.
This Lab is designed for the CREST Practitioner Security Analyst (CPSA) certification examination but is of value to security practitioners in general.
Upon completion of this Lab you will be able to:
This Lab is intended for:
You should be familiar with:
You can fulfill the prerequisites by completing the Linux Command Line Byte Session Learning Path.
October 18th, 2021 - Provided a workaround for the Kali keyring being outdated
July 10th, 2020 - Enabled direct browser RDP connection for a streamlined experience