Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERROR: rlogin.mod failed: medusaReceive returned no data. #16

Open
kyo9999 opened this issue Oct 13, 2016 · 10 comments
Open

ERROR: rlogin.mod failed: medusaReceive returned no data. #16

kyo9999 opened this issue Oct 13, 2016 · 10 comments

Comments

@kyo9999
Copy link

kyo9999 commented Oct 13, 2016

root@k:~# sudo medusa -u msfadmin -P '/password.lst.txt' -h 192.168.1.100 -M rlogin
Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks [email protected]

ERROR: rlogin.mod failed: medusaReceive returned no data.
CRITICAL: Unknown rlogin.mod module state -1

can you help me how to do next, thank you?
@bismark-foofus
Copy link
Collaborator

A few things:

  1. You are already root, running medusa with sudo is redundant and medusa doesn't require sudo unless installed improperly
  2. What if the output of medusa -d? You should get a list of available modules and their path. Is rlogin.mod listed?

@kyo9999
Copy link
Author

kyo9999 commented Oct 13, 2016

it have rlogin.mod, and i remove sudo to exec, i get the same problem in virtual box kali linux medusa

root@k:~# medusa -d
Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks [email protected]

Available modules in "." :

Available modules in "/usr/lib/medusa/modules" :
+ cvs.mod : Brute force module for CVS sessions : version 2.0
+ ftp.mod : Brute force module for FTP/FTPS sessions : version 2.1
+ http.mod : Brute force module for HTTP : version 2.1
+ imap.mod : Brute force module for IMAP sessions : version 2.0
+ mssql.mod : Brute force module for M$-SQL sessions : version 2.0
+ mysql.mod : Brute force module for MySQL sessions : version 2.0
+ nntp.mod : Brute force module for NNTP sessions : version 2.0
+ pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0
+ pop3.mod : Brute force module for POP3 sessions : version 2.0
+ postgres.mod : Brute force module for PostgreSQL sessions : version 2.0
+ rexec.mod : Brute force module for REXEC sessions : version 2.0
+ rlogin.mod : Brute force module for RLOGIN sessions : version 2.0
+ rsh.mod : Brute force module for RSH sessions : version 2.0
+ smbnt.mod : Brute force module for SMB (LM/NTLM/LMv2/NTLMv2) sessions : version 2.1
+ smtp-vrfy.mod : Brute force module for verifying SMTP accounts (VRFY/EXPN/RCPT TO) : version 2.1
+ smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0
+ snmp.mod : Brute force module for SNMP Community Strings : version 2.1
+ ssh.mod : Brute force module for SSH v2 sessions : version 2.1
+ svn.mod : Brute force module for Subversion sessions : version 2.1
+ telnet.mod : Brute force module for telnet sessions : version 2.0
+ vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0
+ vnc.mod : Brute force module for VNC sessions : version 2.1
+ web-form.mod : Brute force module for web forms : version 2.1
+ wrapper.mod : Generic Wrapper Module : version 2.0

@kyo9999
Copy link
Author

kyo9999 commented Oct 13, 2016
edited
Loading

i can not get more info
root@k:~# medusa -u msfadmin -P '/password.lst.txt' -h 192.168.1.100 -M rlogin -v 6
Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks [email protected]

GENERAL: Parallel Hosts: 1 Parallel Logins: 1
GENERAL: Total Hosts: 1
GENERAL: Total Users: 1
GENERAL: Total Passwords: 3545
ERROR: rlogin.mod failed: medusaReceive returned no data.
CRITICAL: Unknown rlogin.mod module state -1
GENERAL: Medusa has finished.

@bismark-foofus
Copy link
Collaborator

Try with a -v 99 and -w 99

@kyo9999
Copy link
Author

kyo9999 commented Oct 13, 2016

i can use rlogin to login remote ip, but medusa show follow

root@k:~# medusa -u msfadmin -P '/password.lst.txt' -h 192.168.1.100 -M rlogin -v 99 -w 99
Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks [email protected]

DEBUG [CF13A700]: Ignoring blank line in file: /password.lst.txt. Resetting total count: 3545.
DEBUG [CF13A700]: Successfully loaded login information.
GENERAL: Parallel Hosts: 1 Parallel Logins: 1
GENERAL: Total Hosts: 1
GENERAL: Total Users: 1
GENERAL: Total Passwords: 3545
DEBUG AUDIT [CF13A700]: adding new server (0) to queue
DEBUG AUDIT [CF13A700]: waiting for server pool to end
DEBUG SERVER [CC165700]: Server ID: 0 Host: 192.168.1.100 iUserPassCnt: 3545 iLoginCnt: 1
DEBUG SERVER [CC165700]: Set IPv4 address: 192.168.1.100 (192.168.1.100)
DEBUG SERVER [CC165700]: Adding new login task (0) to server queue (0)
DEBUG SERVER [CC165700]: waiting for server 0 login pool to end
DEBUG [CB964700]: startModule iId: 0 pLogin: CC164D00 modParams->argv: 1CEE110 modParams: CC164CD0
DEBUG [CB964700]: Trying module path of .
DEBUG [CB964700]: Attempting to load ./rlogin.mod
DEBUG [CB964700]: Trying module path of /usr/lib/medusa/modules
DEBUG [CB964700]: Attempting to load /usr/lib/medusa/modules/rlogin.mod
DEBUG MODULE [CB964700]: OMG teh rlogin.mod module has been called!!
DEBUG [CB964700]: [getNextNormalCred] Initial credential set request for login module.
DEBUG [CB964700]: getNextNormalCred setting user: msfadmin
DEBUG MODULE [CB964700]: [rlogin.mod] module started for host: 192.168.1.100 user: msfadmin
DEBUG [CB964700]: Connected (internal)
DEBUG MODULE [CB964700]: Connected
DEBUG [CB964700]: Data sent: msfadmin msfadmin xterm
DEBUG [CB964700]: Data receive: Data waiting.
DEBUG [CB964700]: Data received (1): [01]
DEBUG [CB964700]: Data received (0):
DEBUG [CB964700]: Data receive: No additional data.
DEBUG [CB964700]: Formatted data received (size 1): [01]
DEBUG [CB964700]: Data receive: Data waiting.
DEBUG [CB964700]: Data received (0):
DEBUG [CB964700]: Data receive: Socket indicated data present, but none found.
ERROR: rlogin.mod failed: medusaReceive returned no data.
CRITICAL: Unknown rlogin.mod module state -1
DEBUG [CB964700]: Disconnect successful
DEBUG SERVER [CC165700]: destroying server 0 login pool
DEBUG SERVER [CC165700]: Server thread exiting and server's userlist testing was marked as in progress. Was this host prematurely aborted?
DEBUG SERVER [CC165700]: exiting server: 0
DEBUG AUDIT [CF13A700]: destroying server pool
GENERAL: Medusa has finished.

@jmk-foofus
Copy link
Owner

Are you sure that it is indeed rlogin (513/tcp) running on the target host? What is the target host (e.g., OS, device type, etc)? It may be helpful to do a packet capture to see what the remote host is actually sending back, if anything.

@kyo9999
Copy link
Author

kyo9999 commented Oct 14, 2016

root@kyo:~# rlogin -l msfadmin 192.168.254.128
i can remote login

@kyo9999
Copy link
Author

kyo9999 commented Oct 14, 2016
edited
Loading

linux 2.6.24-16-server

This is Metasploitable2 (Linux)

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.

@kyo9999
Copy link
Author

kyo9999 commented Oct 14, 2016

https://sourceforge.net/projects/metasploitable/
This is Metasploitable2 (Linux) download here

@kyo9999
Copy link
Author

kyo9999 commented Oct 14, 2016

vanhauser-thc commented 7 minutes ago
kinda like I thought.

you can login via rlogin without a password. the password prompt you see comes from your client program, but the server never asks for one.

thats why hydra report that every password is correct.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bismark-foofus @kyo9999 @jmk-foofus