View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000293Kali LinuxQueued Tool Additionpublic2013-04-22 17:022021-05-18 11:00
Reporterbonsaiviking Assigned Todookie  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Versionkali-dev 
Summary0000293: NfSpy - ID-spoofing NFS client
Description

https://github.com/bonsaiviking/NfSpy

NfSpy is a Python library for automating the falsification of NFS credentials when mounting an NFS share. Included are two client programs:

nfspy uses the Filesystem in Userspace (FUSE) library to mount an NFS share in Linux. This allows the use of any regular file-searching and manipulation programs like grep and find to explore the NFS export.

nfspysh is a ftp-like interactive shell for exploring NFS exports. It does not require the FUSE library, so it can run on non-Linux platforms.
Steps To Reproduce

Installation via setup.py install

If python-fuse package is available, it will install nfspy for FUSE-mounting. Otherwise, only nfspysh is installed (dependency not enforced). Recommend that the Debian package Require or at least Recommend python-fuse.

License is MIT/Expat

Additional Information

"Press" coverage:

mubix - http://www.room362.com/blog/2013/3/4/mounting-nfs-shares-through-meterpreter-with-nfspy.html

ChrisJohnRiley - http://blog.c22.cc/2012/03/12/unsung-heros-the-list/

Tenable Network Security Podcast - http://www.tenable.com/blog/tenable-network-security-podcast-episode-122-

Darknet - http://www.darknet.org.uk/2012/04/nfspy-id-spoofing-nfs-client-tool-mount-nfs-shares-without-account/

My blog (response to @mubix) - http://blog.bonsaiviking.com/2013/03/nfspy-meets-real-world.html

Activities

bonsaiviking

bonsaiviking

2013-04-22 17:04

reporter   ~0000397

If you have questions, you can find me (tool author and ticket submitter) as "bonsaiviking" on freenode. Usually in #nmap and #metasploit.
dookie

dookie

2013-07-09 19:05

reporter   ~0000618

Added in nfspy_0.2.1-1kali0. It will be in the repos soon.

Thanks

Issue History

Date Modified Username Field Change
2013-04-22 17:02 bonsaiviking New Issue
2013-04-22 17:04 bonsaiviking Note Added: 0000397
2013-07-09 19:05 dookie Note Added: 0000618
2013-07-09 19:05 dookie Status new => resolved
2013-07-09 19:05 dookie Resolution open => fixed
2013-07-09 19:05 dookie Assigned To => dookie
2021-05-18 10:55 g0tmi1k Fixed in Version => kali-dev
2021-05-18 11:00 g0tmi1k Category New Tool Requests => Queued Tool Addition