So according to this article rsync is merely another network share.
PORT STATE SERVICE REASON VERSION
873/tcp open rsync syn-ack ttl 63 (protocol version 31)
|_banner: @RSYNCD: 31.0
| rsync-list-modules:
|_ fox fox home
We can list the contents of the fox share by doing the following command.
rsync -av --list-only rsync://192.168.143.126/fox
receiving incremental file list
drwxr-xr-x 4,096 2021/01/21 09:21:59 .
lrwxrwxrwx 9 2020/12/03 15:22:42 .bash_history -> /dev/null
-rw-r--r-- 220 2019/04/18 00:12:36 .bash_logout
-rw-r--r-- 3,526 2019/04/18 00:12:36 .bashrc
-rw-r--r-- 807 2019/04/18 00:12:36 .profile
sent 20 bytes received 136 bytes 312.00 bytes/sec
total size is 4,562 speedup is 29.24
According to the article since in this case we didnt have authentication needed we could also upload files to the current directory. It so happens that we are the home folder of the user fox. So we can upload an authorized_keys file in the .ssh/ folder with our own public key and we will be able to get in.
