513 - Pentesting Rlogin

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Websec | Uw Cybersecurity Specialist

Basic Information

In the past, rlogin was widely utilized for remote administration tasks. However, due to concerns regarding its security, it has largely been superseded by slogin and ssh. These newer methods provide enhanced security for remote connections.

Default port: 513

PORT    STATE SERVICE
513/tcp open  login

# Install client
apt-get install rsh-client

You can use the following command to try to login to a remote host where no password is required for access. Try using root is as username:

rlogin <IP> -l <username>

Brute force

Find files

find / -name .rhosts

Websec | Uw Cybersecurity Specialist

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Previous512 - Pentesting Rexec Next514 - Pentesting Rsh

Last updated 1 month ago

Basic Information

Login

Brute force

Find files