Linux Remote Management Protocols
SSH-Audit
# Downloading SSh-Audit
git clone <https://github.com/jtesta/ssh-audit.git> && cd ssh-audit
# footprinting ssh server
./ssh-audit.py ipChange Authentication Method
# Changing authentication method
ssh -v eren@ip
# for brute force attacks, changing method
ssh -v eren@ip -o PreferredAuthentications=passwordRsync - 873
# Useful guide to abuse Rsync : <https://book.hacktricks.xyz/network-services-pentesting/873-pentesting-rsync>
# Scanning Rsync using Nmap
sudo nmap -sV -p 873 127.0.0.1
# Probing for Accessible Shares
nc -nv 127.0.0.1 873
(UNKNOWN) [127.0.0.1] 873 (rsync) open
@RSYNCD: 31.0
@RSYNCD: 31.0
#list
dev Dev Tools
@RSYNCD: EXIT
# Enumerating an Open Share
rsync -av --list-only rsync://127.0.0.1/dev
# sync all files to our attack host with the command :
rsync -av rsync://127.0.0.1/devLast updated