Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hi
I'm trying Mitnick attack for a lab with docker, in terminal container I made .rhosts file and wrote the trusted server's ip in it (echo 10.9.0.6 > .rhosts) and also made it writable only for owner (chmod 644 .rhosts) but when I use "rsh 10.9.0.5(terminal's ip) date" in the server, I see authentication error, what should I do and how can I fix this?
hi
I'm trying Mitnick attack for a lab with docker, in terminal container I made .rhosts file and wrote the trusted server's ip in it (echo 10.9.0.6 > .rhosts) and also made it writable only for owner (chmod 644 .rhosts) but when I use "rsh 10.9.0.5(terminal's ip) date" in the server, I see authentication error, what should I do and how can I fix this?
I was curious, seems to be this: https://seedsecuritylabs.org/Labs_16...ick_Attack.pdf
We really need morte information on this. No modern Linux system will allow you to access it remotely just like that, and rsh is outdated, apparently you have to jump through hoops to even get it on your system.
I was curious, seems to be this: https://seedsecuritylabs.org/Labs_16...ick_Attack.pdf
We really need morte information on this. No modern Linux system will allow you to access it remotely just like that, and rsh is outdated, apparently you have to jump through hoops to even get it on your system.
yeah that's true
I've installed rsh-redone that re-implements remote shell (as its mentioned in that file), but I dont know why I see that error and how should I fix it
Good, thanks.
Correct me if I'm wrong but it would seem that we need precisely that info for both systems involved?
What is the exact command, what is the full output? Please use CODE tags for that (see my signature).
If rsh has a verbose option, please use that ("man rsh").
Good, thanks.
Correct me if I'm wrong but it would seem that we need precisely that info for both systems involved?
What is the exact command, what is the full output? Please use CODE tags for that (see my signature).
If rsh has a verbose option, please use that ("man rsh").
no there is not another system, just one, and im using containers for the lab, one for attacker,one for terminal and one for trusted server
first i use this code:
Code:
$ docker-compose build
x-terminal uses an image, skipping
trusted-server uses an image, skipping
Building attacker
Step 1/3 : FROM handsonsecurity/seed-ubuntu:large
---> cecb04fbf1dd
Step 2/3 : ARG DEBIAN_FRONTEND=noninteractive
---> Using cache
---> 0b46b3129601
Step 3/3 : RUN apt-get update && apt-get -y install rsh-redone-client rsh-redone-server && rm -rf /var/lib/apt/lists/*
---> Using cache
---> 871d73ab78dd
Successfully built 871d73ab78dd
Successfully tagged seed-image-ubuntu-mitnick:latest
and then:
Code:
$ docker-compose up
Creating network "net-10.9.0.0" with the default driver
Creating seed-attacker ... done
Creating trusted-server-10.9.0.6 ... done
Creating x-terminal-10.9.0.5 ... done
Attaching to seed-attacker, x-terminal-10.9.0.5, trusted-server-10.9.0.6
x-terminal-10.9.0.5 | * Starting internet superserver inetd [ OK ]
and not just IP like you have it. The above will allow auser@example.org in. Furthermore, the username and incoming hostname need to be as the remote machine will see it which matters on a multi-homed host. I have my .rhosts 0600. Obviously you need the remote server running rshd, listening, and not firewalled. I don't know about Docker or rsh-redone (inetutils rsh still works).
Code:
jayjwa@atr2 ~> rsh -4 lunast show status
Status on 29-JAN-2024 10:49:32.36 Elapsed CPU : 0 00:00:00.12
Buff. I/O : 28 Cur. ws. : 611 Open files : 2
Dir. I/O : 8 Phys. Mem. : 392 Page Faults : 425
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
