Skip to content

Latest commit

 

History

History
19 lines (15 loc) · 1.09 KB

README.md

File metadata and controls

19 lines (15 loc) · 1.09 KB

Redis-Server-Exploit

This will give you shell access on the target system if redis server is not configured properly and faced on the internet without any authentication

Disclaimer

This exploit is purely intended for educational purposes. I do not want anyone to use this exploit to actually hack into computers or do other illegal things. So I cannot be held responsible for any illegal purposes.

Pre-Requesties

  1. A valid Username of the target system

Things to keep in mind

  1. Default port of SSH 22/TCP
  2. Default port of REDIS Server 6379/TCP
  3. IP address of the target system and User of the target system served to script as arguments

Check if host is vulnerable

  Nmap scan report for  (ip) 							                                           										
	 Host is up (0.27s latency).												
	 PORT     STATE SERVICE VERSION                                                                                           	
	 6379/tcp open  redis   Redis key-value store