Rlogin - Port 513
Basic Info
In the past, rlogin was widely utilized for remote administration tasks. However, due to concerns regarding its security, it has largely been superseded by slogin and ssh. These newer methods provide enhanced security for remote connections.
Default port: 513
PORT STATE SERVICE
513/tcp open login
Rlogin, once used for remote Unix system access, is now considered insecure because it lacks encryption and relies on host-based trust relationships. Pentesting it involves identifying weaknesses such as credentials exposed to sniffing or misconfigured trust files, which can allow unauthorized access.
Enumeration
Check for Rlogin Service
First, scan the target system to see if port 513 is open, as Rlogin typically uses this port.
nmap -sT -p 513 target_ip
Use netcat to grab the server banner:
nc target_ip 513
This can reveal the software version, which you can check for known vulnerabilities.
Brute force
Attempt Login with Common Credentials
Try logging in with common usernames (e.g., root, admin) and passwords (e.g., 123456, password) using tools like Hydra:
hydra -l root -P /path/to/passwords.txt target_ip rlogin
Check for Trust Relationships
Try logging in without a password for different usernames using the command:
# Install client
apt-get install rsh-client
rlogin target_ip -l username
Success without a password suggests a misconfigured .rhosts or /etc/hosts.equiv file, allowing trust-based access.
Find files
find / -name .rhosts
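Once the trust files are located, their contents decide whether passwordless access is possible. The following is an added example, not part of the original page: a shell audit that flags wildcard grants ("+" as host or user) and group- or world-writable trust files. The function names are hypothetical, the sample file is constructed, and treating "#" lines as comments is an assumption.

```shell
#!/bin/sh
# Added example: audit rlogin trust files for wildcard grants and loose modes.
# Function names are hypothetical; sample data below is constructed.

# audit_trust_file FILE: prints findings; returns 0 clean, 1 findings, 2 unreadable
audit_trust_file() {
    f=$1
    [ -r "$f" ] || { echo "UNREADABLE $f"; return 2; }
    out=$(awk -v f="$f" '
        /^[ \t]*(#|$)/ { next }   # assumption: "#" lines and blanks are ignored
        $1 == "+" && $2 == "+" { print "CRITICAL " f ":" NR " any user from any host"; next }
        $1 == "+" { print "HIGH " f ":" NR " any host is trusted"; next }
        $2 == "+" { print "HIGH " f ":" NR " any user on " $1 " is trusted"; next }
        $1 ~ /^\+@/ || $2 ~ /^\+@/ { print "REVIEW " f ":" NR " netgroup grant" }
    ' "$f")
    # A group- or world-writable trust file lets other local users add entries.
    if [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        out="${out:+$out
}HIGH $f writable by group or others"
    fi
    [ -n "$out" ] || return 0
    printf '%s\n' "$out"
    return 1
}

# audit_tree DIR: audit every .rhosts and hosts.equiv below DIR; returns 1 on any finding
audit_tree() {
    find "$1" -xdev \( -name .rhosts -o -name hosts.equiv \) -type f 2>/dev/null |
    ( status=0
      while IFS= read -r t; do audit_trust_file "$t" || status=1; done
      exit "$status" )
}

# Demo on a constructed home directory (not real system data).
demo=$(mktemp -d)
mkdir -p "$demo/home/alice"
printf '# constructed\ntrusted.example.com alice\n+ +\nbackup.example.com +\n' \
    > "$demo/home/alice/.rhosts"
chmod 600 "$demo/home/alice/.rhosts"
audit_tree "$demo" || echo "findings present: remove wildcard entries or disable rlogin"
rm -rf "$demo"
```

Run `audit_tree /` as root on a host you administer to cover /etc/hosts.equiv and every user's .rhosts in one pass.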