24007,24008,24009,49152 - Pentesting GlusterFS
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
GlusterFS is a distributed file system that combines storage from multiple servers into one unified system. It allows for arbitrary scalability, meaning you can easily add or remove storage servers without disrupting the overall file system. This ensures high availability and fault tolerance for your data. With GlusterFS, you can access your files as if they were stored locally, regardless of the underlying server infrastructure. It provides a powerful and flexible solution for managing large amounts of data across multiple servers.
Default ports: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards) For the port 49152, ports incremented by 1 need to be open to use more bricks. Previously the port 24009 was used instead of 49152.
To interact with this filesystem you need to install the GlusterFS client (sudo apt-get install glusterfs-cli
).
To list and mount the available volumes you can use:
If you receive an error trying to mount the filesystem, you can check the logs in /var/log/glusterfs/
Errors mentioning certificates can be fixed by stealing the files (if you have access to the system):
/etc/ssl/glusterfs.ca
/etc/ssl/glusterfs.key
/etc/ssl/glusterfs.ca.pem
And storing them in your machine /etc/ssl
or /usr/lib/ssl
directory (if a different directory is used check for lines similar to: "could not load our cert at /usr/lib/ssl/glusterfs.pem" in the logs) .
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)