LinkedInGithub
Edit

R-Sync 873

R-Sync (Port 873) Enumeration and Scanning Commands

Step 1: Define the Target IP

Replace <target_ip> with the actual IP address of the target.

# Define the target IP
export TARGET_IP="192.168.1.100"

Step 2: Perform an Nmap Scan for R-Sync Services

Use the following command to identify services and vulnerabilities:

nmap -p 873 -sV --script rsync-list-modules <target_ip>

Explanation:

  • -p 873: Specifies port 873 for R-Sync.

  • -sV: Detects the service version.

  • --script rsync-list-modules: Uses an NSE script to list available R-Sync modules.

Step 3: Enumerate R-Sync Modules Using rsync Command

The rsync tool can be used to list available modules on the target server.

rsync --list-only rsync://<target_ip>/

Example:

rsync --list-only rsync://192.168.1.100/

Step 4: Test File Synchronization (If Applicable)

After identifying available modules, you can test file synchronization. Replace <module> with the identified module name.

rsync -av rsync://<target_ip>/<module>/ ./local_directory

Example:

rsync -av rsync://192.168.1.100/public/ ./local_directory

Explanation:

  • -a: Archive mode to preserve file attributes.

  • -v: Verbose output.

  • ./local_directory: Specifies the destination directory.

Additional Notes

  • Ensure you have the necessary permissions to access the R-Sync modules.

  • R-Sync can expose sensitive information if misconfigured.

  • Explore other rsync commands and tools for further testing and exploitation.

PreviousR-Services 512,513,514NextRDP 3389

Last updated