Skip to content

An exploit for Improperly configured redis server. Gives shell access if exploited correctly.

Notifications You must be signed in to change notification settings

someshkoli/redis_exploit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 

Repository files navigation

Redis-Server-Exploit

This will give you shell access on the target system if redis server is not configured properly and faced on the internet without any authentication

Disclaimer

This exploit is purely intended for educational purposes. I do not want anyone to use this exploit to actually hack into computers or do other illegal things. So I cannot be held responsible for any illegal purposes.

Pre-Requesties

  1. A valid Username of the target system

Things to keep in mind

  1. Default port of SSH 22/TCP
  2. Default port of REDIS Server 6379/TCP
  3. IP address of the target system and User of the target system served to script as arguments

Check if host is vulnerable

  Nmap scan report for  (ip) 							                                           										
	 Host is up (0.27s latency).												
	 PORT     STATE SERVICE VERSION                                                                                           	
	 6379/tcp open  redis   Redis key-value store                                                                               

About

An exploit for Improperly configured redis server. Gives shell access if exploited correctly.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages