Skip to main content

ISCSI Pentesting

Default Port: 3260

ISCSI (Internet Small Computer System Interface) is a protocol used for establishing and managing connections between storage devices over an IP network. It enables storage devices to be shared and accessed remotely, providing block-level access to storage resources.

ISCSI is commonly used in data centers and enterprise environments for storage area networks (SANs) and virtualization deployments.


Connect Using ISCSI Initiator

iscsiadm --mode discoverydb --type sendtargets --portal <target-ip>:<target-port> --discover

Connect Using ISCSI Target Portal

You can use tools like ISCSI Initiator or open-iscsi to connect to an ISCSI target portal.


Identifying an ISCSI Target

You can use Nmap to check if there's an ISCSI target on a target host like this:

nmap -p 3260 X.X.X.X
nc -nv X.X.X.X 3260


ISCSI Target Information

Connect to the ISCSI target and gather information about available LUNs (Logical Unit Numbers), target IQNs (ISCSI Qualified Names), and other configuration details using ISCSI commands.

ISCSI Client Tools

Tools like ISCSI Initiator, open-iscsi, and tgtadm can be used for interacting with ISCSI targets and performing enumeration tasks.

Attack Vectors

Default Credentials

Check for default credentials or weak authentication configurations in ISCSI targets, such as targets using default IQNs or no authentication.

Unauthorized Access

Search for open ISCSI targets that allow unrestricted access, which may be exposed to unauthorized access from the internet.

LUN Manipulation

Exploit vulnerabilities in ISCSI target configurations to access or manipulate LUNs, potentially gaining unauthorized access to sensitive data.


Common ISCSI Commands

iscsiadm -m sessionList active ISCSI sessions
iscsiadm -m node -lLog in to an ISCSI target
iscsiadm -m node -uLog out of an ISCSI target
iscsiadm -m node -o showDisplay detailed information about a target
iscsiadm -m discoveryDiscover available ISCSI targets

Data Exfiltration

Extract sensitive data by accessing and manipulating LUNs on the ISCSI target.

Ransomware Attacks

Encrypt data on the ISCSI target and demand a ransom for decryption, exploiting vulnerabilities in ISCSI target configurations.

Denial-of-Service (DoS) Attacks

ISCSI targets may be susceptible to DoS attacks, disrupting storage access and causing service downtime.