R-Services
R-Services are a suite of services hosted to enable remote access or issue commands between Unix hosts over TCP/IP. Much like telnet, r-services transmit information from client to server(and vice versa.) over the network in an unencrypted format, making it possible for attackers to intercept network traffic (passwords, login information, etc.) by performing man-in-the-middle (MITM) attacks. R-Services mostly using ports 512, 513, 514 and only accessible via suite of programs known as r-commands. The R-commands suite contains:
rcp (
remote copy)rexec (
remote execution)rlogin (
remote login)rsh (
remote shell)rstat
ruptime
rwho (
remote who)
Quick Overview
rcp
rshd
514
TCP
Copy a file from the local system to remote (or vice versa). Works like cp but don't provide warning for overwriting files.
rsh
rshd
514
TCP
Opens a shell on remote machine without login. Relies upon trusted entries in the /etc/hosts/equiv and .rhosts files for validation
rexec
rexecd
512
TCP
Enables to run shell command on remote machine. Requires authentification with username:password or with /etc/hosts/equiv and .rhosts files
rlogin
rlogind
513
TCP
Enables a user log in to a remote host over the network. Unix-only. Use /etc/hosts/equiv and .rhosts files to authentification
Tips2Hack
Logging in Using Rlogin
Listing Authenticated Users Using Rwho
Listing Authenticated Users Using Rusers
Last updated