Today I was looking at a CTF challenge that included a NAS. A quick NMAP showed the following:

After going over SSH and FTP it was time to investigate the ISCSI port, something I haven’t had to do before. A quick google turned up the popular Hacking Team breach that I remember reading about (

After a quick port forward:

root@kali:~# iscsiadm -m discovery -t sendtargets -p,1

Followed by:

root@kali:~# iscsiadm -m node -p --login
Logging in to [iface: default, target:, portal:,3260] (multiple)
Login to [iface: default, target:, portal:,3260] successful.

Then the image is just a simple mount away:</p>

root@kali:~# vmfs-fuse -o ro ./test1234.vmdk  /mnt/vmimage/

After finding such as easy way to gather more information off a network (in this case a Windows OS backup including SAM file), I will definitely be keep looking out for ISCSI devices on future tests.