Script rlogin-brute

Script types: portrule
Categories: brute, intrusive
Download: https://svn.nmap.org/nmap/scripts/rlogin-brute.nse

Script Summary

Performs brute force password auditing against the classic UNIX rlogin (remote login) service. This script must be run in privileged mode on UNIX because it must bind to a low source port number.

Script Arguments

rlogin-brute.timeout

socket timeout for connecting to rlogin (default 10s)

passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb

See the documentation for the unpwdb library.

creds.[service], creds.global

See the documentation for the creds library.

brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass

See the documentation for the brute library.

Example Usage

nmap -p 513 --script rlogin-brute <ip>

Script Output

PORT    STATE SERVICE
513/tcp open  login
| rlogin-brute:
|   Accounts
|     nmap:test - Valid credentials
|   Statistics
|_    Performed 4 guesses in 5 seconds, average tps: 0

Requires


Author:

  • Patrik Karlsson

License: Same as Nmap--See https://nmap.org/book/man-legal.html