513 - Rlogin

💡 学习提示: 本文档介绍 Rlogin 的渗透测试方法，适合信息安全初学者和从业人员参考。

⚠️ 法律声明: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。

⚠️ 法律声明: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。

513 - 渗透测试 Rlogin

基本信息

In the past, rlogin was widely utilized for remote administration tasks. However, due to concerns regarding its security, it has largely been superseded by slogin and ssh. These newer methods provide enhanced security for remote connections.

默认 port: 513

PORT    STATE SERVICE
513/tcp open  login

Login

## Install client
apt-get install rsh-client

You can use the following command to try to login to a remote host where no password is required for access. Try using root is as username:

rlogin <IP> -l <username>

Brute force

Find files

find / -name .rhosts

搜索引擎语法

FOFA

# FOFA 搜索语法
port="513"

Shodan

# Shodan 搜索语法
port:513

ZoomEye

# ZoomEye 搜索语法
port:513

📖 参考资料

• HackTricks - 513-rlogin