search

514 - Pentesting Rsh

hashtag
Basic Information

Rsh use .rhosts files and /etc/hosts.equiv for authentication. These methods relied on IP addresses and DNS (Domain Name System) for authentication. However, spoofing IP addresses is fairly easy, especially if the attacker is on the local network.

Furthermore, the .rhosts files were stored in users' home directories, which were typically stored on NFS (Network File System) volumes. (from here: https://www.ssh.com/ssh/rsharrow-up-right).

Default port: 514

hashtag
Login

rsh <IP> <Command>
rsh <IP> -l domain\user <Command>
rsh domain/user@<IP> <Command>
rsh domain\\user@<IP> <Command>

hashtag
Brute Force****

上一页513 - Pentesting Rlogin下一页515 - Pentesting Line Printer Daemon (LPD)

最后更新于