ERROR: rlogin.mod failed: medusaReceive returned no data.

[kyo9999]

root@k:~# sudo medusa -u msfadmin -P '/password.lst.txt' -h 192.168.1.100 -M rlogin Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks jmk@foofus.net

ERROR: rlogin.mod failed: medusaReceive returned no data. CRITICAL: Unknown rlogin.mod module state -1

can you help me how to do next, thank you?

[bismark-foofus]

A few things:

1. You are already root, running medusa with sudo is redundant and medusa doesn't require sudo unless installed improperly
2. What if the output of medusa -d? You should get a list of available modules and their path. Is rlogin.mod listed?

[kyo9999]

it have rlogin.mod, and i remove sudo to exec, i get the same problem in virtual box kali linux medusa

root@k:~# medusa -d Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks jmk@foofus.net

Available modules in "." :

Available modules in "/usr/lib/medusa/modules" :

• cvs.mod : Brute force module for CVS sessions : version 2.0
• ftp.mod : Brute force module for FTP/FTPS sessions : version 2.1
• http.mod : Brute force module for HTTP : version 2.1
• imap.mod : Brute force module for IMAP sessions : version 2.0
• mssql.mod : Brute force module for M$-SQL sessions : version 2.0
• mysql.mod : Brute force module for MySQL sessions : version 2.0
• nntp.mod : Brute force module for NNTP sessions : version 2.0
• pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0
• pop3.mod : Brute force module for POP3 sessions : version 2.0
• postgres.mod : Brute force module for PostgreSQL sessions : version 2.0
• rexec.mod : Brute force module for REXEC sessions : version 2.0
• rlogin.mod : Brute force module for RLOGIN sessions : version 2.0
• rsh.mod : Brute force module for RSH sessions : version 2.0
• smbnt.mod : Brute force module for SMB (LM/NTLM/LMv2/NTLMv2) sessions : version 2.1
• smtp-vrfy.mod : Brute force module for verifying SMTP accounts (VRFY/EXPN/RCPT TO) : version 2.1
• smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0
• snmp.mod : Brute force module for SNMP Community Strings : version 2.1
• ssh.mod : Brute force module for SSH v2 sessions : version 2.1
• svn.mod : Brute force module for Subversion sessions : version 2.1
• telnet.mod : Brute force module for telnet sessions : version 2.0
• vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0
• vnc.mod : Brute force module for VNC sessions : version 2.1
• web-form.mod : Brute force module for web forms : version 2.1
• wrapper.mod : Generic Wrapper Module : version 2.0

[kyo9999]

i can not get more info root@k:~# medusa -u msfadmin -P '/password.lst.txt' -h 192.168.1.100 -M rlogin -v 6 Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks jmk@foofus.net

GENERAL: Parallel Hosts: 1 Parallel Logins: 1 GENERAL: Total Hosts: 1 GENERAL: Total Users: 1 GENERAL: Total Passwords: 3545 ERROR: rlogin.mod failed: medusaReceive returned no data. CRITICAL: Unknown rlogin.mod module state -1 GENERAL: Medusa has finished.

[bismark-foofus]

Try with a -v 99 and -w 99

[kyo9999]

i can use rlogin to login remote ip, but medusa show follow

root@k:~# medusa -u msfadmin -P '/password.lst.txt' -h 192.168.1.100 -M rlogin -v 99 -w 99 Medusa v2.2 http://www.foofus.net JoMo-Kun / Foofus Networks jmk@foofus.net

DEBUG [CF13A700]: Ignoring blank line in file: /password.lst.txt. Resetting total count: 3545. DEBUG [CF13A700]: Successfully loaded login information. GENERAL: Parallel Hosts: 1 Parallel Logins: 1 GENERAL: Total Hosts: 1 GENERAL: Total Users: 1 GENERAL: Total Passwords: 3545 DEBUG AUDIT [CF13A700]: adding new server (0) to queue DEBUG AUDIT [CF13A700]: waiting for server pool to end DEBUG SERVER [CC165700]: Server ID: 0 Host: 192.168.1.100 iUserPassCnt: 3545 iLoginCnt: 1 DEBUG SERVER [CC165700]: Set IPv4 address: 192.168.1.100 (192.168.1.100) DEBUG SERVER [CC165700]: Adding new login task (0) to server queue (0) DEBUG SERVER [CC165700]: waiting for server 0 login pool to end DEBUG [CB964700]: startModule iId: 0 pLogin: CC164D00 modParams->argv: 1CEE110 modParams: CC164CD0 DEBUG [CB964700]: Trying module path of . DEBUG [CB964700]: Attempting to load ./rlogin.mod DEBUG [CB964700]: Trying module path of /usr/lib/medusa/modules DEBUG [CB964700]: Attempting to load /usr/lib/medusa/modules/rlogin.mod DEBUG MODULE [CB964700]: OMG teh rlogin.mod module has been called!! DEBUG [CB964700]: [getNextNormalCred] Initial credential set request for login module. DEBUG [CB964700]: getNextNormalCred setting user: msfadmin DEBUG MODULE [CB964700]: [rlogin.mod] module started for host: 192.168.1.100 user: msfadmin DEBUG [CB964700]: Connected (internal) DEBUG MODULE [CB964700]: Connected DEBUG [CB964700]: Data sent: msfadmin msfadmin xterm DEBUG [CB964700]: Data receive: Data waiting. DEBUG [CB964700]: Data received (1): [01] DEBUG [CB964700]: Data received (0): DEBUG [CB964700]: Data receive: No additional data. DEBUG [CB964700]: Formatted data received (size 1): [01] DEBUG [CB964700]: Data receive: Data waiting. DEBUG [CB964700]: Data received (0): DEBUG [CB964700]: Data receive: Socket indicated data present, but none found. ERROR: rlogin.mod failed: medusaReceive returned no data. CRITICAL: Unknown rlogin.mod module state -1 DEBUG [CB964700]: Disconnect successful DEBUG SERVER [CC165700]: destroying server 0 login pool DEBUG SERVER [CC165700]: Server thread exiting and server's userlist testing was marked as in progress. Was this host prematurely aborted? DEBUG SERVER [CC165700]: exiting server: 0 DEBUG AUDIT [CF13A700]: destroying server pool GENERAL: Medusa has finished.

[jmk-foofus]

Are you sure that it is indeed rlogin (513/tcp) running on the target host? What is the target host (e.g., OS, device type, etc)? It may be helpful to do a packet capture to see what the remote host is actually sending back, if anything.

[kyo9999]

root@kyo:~# rlogin -l msfadmin 192.168.254.128 i can remote login

[kyo9999]

linux 2.6.24-16-server

This is Metasploitable2 (Linux)

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.

[kyo9999]

https://sourceforge.net/projects/metasploitable/ This is Metasploitable2 (Linux) download here

[kyo9999]

vanhauser-thc commented 7 minutes ago kinda like I thought.

you can login via rlogin without a password. the password prompt you see comes from your client program, but the server never asks for one.

thats why hydra report that every password is correct.