diff options
Diffstat (limited to 'data/showmount.d')
-rw-r--r-- | data/showmount.d | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/data/showmount.d b/data/showmount.d deleted file mode 100644 index 499794b..0000000 --- a/data/showmount.d +++ /dev/null @@ -1,63 +0,0 @@ -# UDP mountd call. Use as input to find mount daemons and avoid portmap. -# Useful proc numbers are 2, 5, and 6. -# UDP-scan around between 600-800 to find most mount daemons. -# Using this with "2", plugged into "nc -u -v -w 2 victim X-Y" will -# directly scan *and* dump the current exports when mountd is hit. -# combine stdout *and* stderr thru "strings" or something to clean it up - -000 # XID: 4 trash bytes -001 -002 -003 - -000 # CALL: 0 -000 -000 -000 - -000 # RPC version: 2 -000 -000 -002 - -000 # mount: 100005 -001 -0x86 -0xa5 - -000 # mount version: 1 -000 -000 -001 - -000 # procedure number -- put what you need here: -000 # 2 = dump [showmount -e] -000 # 5 = exportlist [showmount -a] -xxx # "sed s/xxx/$1/ | data -g | nc ..." or some such... - -000 # port: junk -000 -000 -000 - -000 # auth trash -000 -000 -000 - -000 # auth trash -000 -000 -000 - -000 # auth trash -000 -000 -000 - -000 # extra auth trash? probably not needed -000 -000 -000 - -# that's it! |