514 - Rsh

💡 学习提示: 本文档介绍 Rsh 的渗透测试方法，适合信息安全初学者和从业人员参考。

⚠️ 法律声明: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。

⚠️ 法律声明: 本文档仅供学习和授权测试使用。未经授权的系统测试可能违反法律法规。

514 - 渗透测试 Rsh

基本信息

For authentication, .rhosts files along with /etc/hosts.equiv were utilized by Rsh. 认证 was dependent on IP addresses and the Domain Name System (DNS). The ease of spoofing IP addresses, notably on the local network, was a significant vulnerability.

Moreover, it was common for the .rhosts files to be placed within the home directories of users, which were often located on 网络 File System (NFS) volumes.

默认 port: 514

Login

rsh <IP> <Command>
rsh <IP> -l domain\user <Command>
rsh domain/user@<IP> <Command>
rsh domain\\user@<IP> <Command>

暴力破解

搜索引擎语法

FOFA

# FOFA 搜索语法
port="514"

Shodan

# Shodan 搜索语法
port:514

ZoomEye

# ZoomEye 搜索语法
port:514

📖 参考资料

• HackTricks - 514-rsh