Update 6379-pentesting-redis.md

Mentioned how to bruteforce user SSH directories on Redis servers
Sohail Saha 2025-01-01 12:24:07 -05:00 committed by GitHub
parent 2ced196fe8
commit 6d48f9d1af


@ -252,6 +252,8 @@ Please be aware **`config get dir`** result can be changed after other manually
**This technique is automated here:** [https://github.com/Avinash-acid/Redis-Server-Exploit](https://github.com/Avinash-acid/Redis-Server-Exploit)
Additionally, system users can also be discovered by checking with `config set dir /home/USER`, and upon confirmation, a new `authorized_keys` can be written to `/home/USER/.ssh/authorized_keys`. Use [redis-rce-ssh](https://github.com/captain-woof/redis-rce-ssh) to bruteforce this with a usernames wordlist and overwrite `authorized_keys`.
### Crontab
```
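Review bot: In the added sentence starting "Additionally, system users can also be discovered", the phrase "overwrite `authorized_keys`" does not mention that this replaces whatever keys the account already had, so legitimate key-based logins for that user stop working until the file is restored; the text should say this is destructive. The same sentence says "upon confirmation" without stating what result of `config set dir /home/USER` counts as confirmation, which leaves the reader guessing. It would also read more clearly split in two: one sentence for the user-directory check and one for the linked tool. Since the paragraph above already warns that the `config get dir` result can change, it is worth adding that the original `dir` value should be recorded before running `config set dir` and restored afterwards.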