513 - Pentesting Rlogin

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

• Check the subscription plans!

• Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.

• Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Websec | Uw Cybersecurity Specialistwebsec.nl

Basic Information

In the past, rlogin was widely utilized for remote administration tasks. However, due to concerns regarding its security, it has largely been superseded by slogin and ssh. These newer methods provide enhanced security for remote connections.

Default port: 513

PORT    STATE SERVICE
513/tcp open  login

Login

# Install client
apt-get install rsh-client

You can use the following command to try to login to a remote host where no password is required for access. Try using root is as username:

rlogin <IP> -l <username>

Brute force

Find files

find / -name .rhosts

Websec | Uw Cybersecurity Specialistwebsec.nl

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

• Check the subscription plans!

• Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.

• Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.