R-Services (512,513,514)

Footprinting using nmap

sudo nmap -sV -p 512,513,514 10.0.17.2

Logging in using rlogin

rlogin 10.0.17.2 -l htb-student

Listing authenticated users using rwho

rwho

Listing authenticated users using rusers

rusers -al 10.0.17.5

| Command | Service Daemon | Port | Transport Protocol | Description |
| --- | --- | --- | --- | --- |
| rcp | rshd | 514 | TCP | Copy a file or directory bidirectionally from the local system to the remote system (or vice versa) or from one remote system to another. It works like the cp command on Linux but provides no warning to the user for overwriting existing files on a system. |
| rsh | rshd | 514 | TCP | Opens a shell on a remote machine without a login procedure. Relies upon the trusted entries in the /etc/hosts.equiv and .rhosts files for validation. |
| rexec | rexecd | 512 | TCP | Enables a user to run shell commands on a remote machine. Requires authentication through the use of a username and password through an unencrypted network socket. Authentication is overridden by the trusted entries in the /etc/hosts.equiv and .rhosts files. |
| rlogin | rlogind | 513 | TCP | Enables a user to log in to a remote host over the network. It works similarly to telnet but can only connect to Unix-like hosts. Authentication is overridden by the trusted entries in the /etc/hosts.equiv and .rhosts files. |
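
Because trusted entries in /etc/hosts.equiv and .rhosts override authentication, those files are the first thing to review on a host that still runs r-services. The following is an added example, not part of the original notes: a small auditor that flags wildcard and netgroup trust entries. The function name, the finding strings and the sample file content are assumptions constructed for illustration.

```python
# Added example: flag risky trust entries in hosts.equiv / .rhosts content.
# Entry format: "[+|-]host [user]"; a bare "+" is a wildcard, "-" denies.

# Constructed sample content, not taken from a real host.
SAMPLE_RHOSTS = """\
# constructed sample
workstation01 alice
+ backup
192.0.2.10 +
+ +
-untrusted.example.internal
+@admins
"""

def audit_trust_entries(text):
    """Return (line_no, entry, finding) tuples for entries that widen trust."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else ""
        if host.startswith("-") or user.startswith("-"):
            continue  # deny entries do not grant access
        if host == "+" and user == "+":
            finding = "any user from any host is trusted"
        elif host == "+":
            finding = "any host is trusted"
        elif user == "+":
            finding = "any user on this host is trusted"
        elif host.startswith("+@") or user.startswith("+@"):
            finding = "netgroup trust: review membership"
        else:
            continue  # explicit host/user pair, not a wildcard
        findings.append((line_no, line, finding))
    return findings

if __name__ == "__main__":
    for line_no, entry, finding in audit_trust_entries(SAMPLE_RHOSTS):
        print(f"line {line_no}: {entry!r}: {finding}")
```

Run it against the text of /etc/hosts.equiv and each user's ~/.rhosts; explicit host and user pairs are not flagged but still grant password-less access and should be checked by hand.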
