Rlogin - Port 513
Last updated
Was this helpful?
Last updated
Was this helpful?
Become VeryLazyTech ! π
Follow us on:
β Twitter .
πΎ Github .
π Medium .
πΊ YouTube .
π© Telegram .
π΅οΈββοΈ My Site .
Visit our for e-books and courses. π
In the past, rlogin was widely utilized for remote administration tasks. However, due to concerns regarding its security, it has largely been superseded by slogin and ssh. These newer methods provide enhanced security for remote connections.
Default port: 513
Rlogin, once used for remote Unix system access, is now considered insecure due to its lack of encryption and reliance on trust relationships. Pentesting it involves identifying vulnerabilities like password sniffing or misconfigured files, which can allow unauthorized access.
Check for Rlogin Service First, scan the target system to see if port 513 is open, as Rlogin typically uses this port.
Use netcat to grab the server banner:
This can reveal the software version, which you can check for known vulnerabilities.
Attempt Login with Common Credentials Try logging in with common usernames (e.g., root, admin) and passwords (e.g., 123456, password) using tools like Hydra:
Check for Trust Relationships Try logging in without a password for different usernames using the command:
Success without a password suggests a misconfigured .rhosts or /etc/hosts.equiv file, allowing trust-based access.
Learn & practice
Become VeryLazyTech ! π
β Twitter .
πΎ Github .
π Medium .
πΊ YouTube .
π© Telegram .
π΅οΈββοΈ My Site .
Visit our for e-books and courses. π