Rsync

Footprinting The Service

Nmap

sudo nmap -sV -p 873 127.0.0.1

Probing for Accessible Shares

nc -nv 127.0.0.1 873

Enumerating an Open Share

rsync -av --list-only rsync://127.0.0.1/dev

If Rsync is configured to use SSH to transfer files, we could modify our commands to include the -e ssh flag, or -e "ssh -p2222" if a non-standard port is in use

rsync -av rsync://127.0.0.1/dev