maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #986 from captain-woof/patch-1

Browse Source
This commit is contained in:
SirBroccoli 2025-01-04 00:26:37 +01:00 committed by GitHub
commit 0279bd7491
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/network-services-pentesting/6379-pentesting-redis.md
View File

@ -208,6 +208,8 @@ Please be aware **`config get dir`** result can be changed after other manually
**This technique is automated here:** [https://github.com/Avinash-acid/Redis-Server-Exploit](https://github.com/Avinash-acid/Redis-Server-Exploit) **This technique is automated here:** [https://github.com/Avinash-acid/Redis-Server-Exploit](https://github.com/Avinash-acid/Redis-Server-Exploit)
Additionally, system users can also be discovered by checking with `config set dir /home/USER`, and upon confirmation, a new `authorized_keys` can be written to `/home/USER/.ssh/authorized_keys`. Use [redis-rce-ssh](https://github.com/captain-woof/redis-rce-ssh) to bruteforce this with a usernames wordlist and overwrite `authorized_keys`.
### Crontab ### Crontab
``` ```