# 24007,24008,24009,49152 - Pentesting GlusterFS ## Basic Information **GlusterFS** is a **distributed**, arbitrarily scalable **file system** that aggregates storage components from **several servers into one**, uniform file system. **Default ports**: 24007/tcp/udp, 24008/tcp/udp, 49152/tcp (onwards)\ For the port 49152, ports incremented by 1 need to be open to use more bricks. _Previously the port 24009 was used instead of 49152._ ``` PORT STATE SERVICE 24007/tcp open rpcbind 49152/tcp open ssl/unknown ``` ### Enumeration To interact with this filesystem you need to install the [**GlusterFS client**](https://download.gluster.org/pub/gluster/glusterfs/LATEST/) **** (`sudo apt-get install glusterfs-cli`). To list and mount the available volumes you can use: ```bash sudo gluster --remote-host=10.10.11.131 volume list # This will return the name of the volumes sudo mount -t glusterfs 10.10.11.131:/ /mnt/ ``` If you receive an **error trying to mount the filesystem**, you can check the logs in `/var/log/glusterfs/` **Errors mentioning certificates** can be fixed by stealing the files (if you have access to the system): * /etc/ssl/glusterfs.ca * /etc/ssl/glusterfs.key * /etc/ssl/glusterfs.ca.pem And storing them in your machine `/etc/ssl` or `/usr/lib/ssl` directory (if a different directory is used check for lines similar to: "_could not load our cert at /usr/lib/ssl/glusterfs.pem_" in the logs) .