Path: blob/master/documentation/modules/auxiliary/scanner/redis/redis_login.md
## Vulnerable Application
Redis is an in-memory data structure project implementing a distributed, in-memory key-value database with optional durability. Redis supports different kinds of abstract data structures, such as strings, lists, maps, sets, sorted sets, HyperLogLogs, bitmaps, streams, and spatial indexes.
This module is a login utility that finds the password of a Redis server by brute-forcing its authentication interface.

A complete installation guide for Redis can be found here.
### Redis Authentication

Redis has several ways to support secure connections to the in-memory database:

- Prior to Redis 6, the `requirepass` directive could be set, setting a master password for all connections. This requires the use of the `AUTH <password>` command before executing any other command on the server.
- After Redis 6, the `requirepass` directive sets a password for the default user, `default`.
- The `AUTH` command now takes two arguments instead of one: `AUTH <username> <password>`.
- The `AUTH` command still accepts a single argument, but then defaults to the user `default`.
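As an added example (not code from the module or from the Redis project), the following Python encodes both `AUTH` forms above as RESP frames and classifies the replies a defender would see in a packet capture or test harness; the reply wording is taken from the Redis sources and is an assumption for other releases.

```python
# Added example, not part of the redis_login module. Encodes the two AUTH
# forms as RESP frames and classifies Redis' replies. Reply texts follow the
# Redis sources (assumption: exact wording differs slightly across releases).
# No network I/O; everything here runs offline.
from typing import Optional


def encode_command(*args: str) -> bytes:
    """Encode a command as a RESP array of bulk strings: *N, then $len/arg pairs."""
    frame = [f"*{len(args)}\r\n".encode()]
    for arg in args:
        raw = arg.encode()
        frame.append(f"${len(raw)}\r\n".encode() + raw + b"\r\n")
    return b"".join(frame)


def auth_command(password: str, username: Optional[str] = None) -> bytes:
    """Pre-6 form is AUTH <password>; Redis 6+ also accepts AUTH <username> <password>.
    With no username the server applies the password to the 'default' user."""
    if username is None:
        return encode_command("AUTH", password)
    return encode_command("AUTH", username, password)


def classify_auth_reply(reply: bytes) -> str:
    """Map the first RESP line of an AUTH reply to an outcome label."""
    line = reply.split(b"\r\n", 1)[0].decode(errors="replace")
    if line == "+OK":
        return "authenticated"
    if line.startswith("-WRONGPASS") or line.startswith("-ERR invalid password"):
        # Redis 6+ answers WRONGPASS both for a bad password and for a
        # disabled user, so a disabled account looks exactly like a wrong guess.
        return "rejected"
    if "no password is set" in line or "without any password configured" in line:
        # Server runs without requirepass: every client is already trusted.
        return "no-auth-configured"
    if line.startswith("-NOAUTH"):
        return "auth-required"
    return "unknown"
```

The "no-auth-configured" outcome is the one worth alerting on: it means the instance accepts every client without a password at all.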
### Setup

Run Redis in Docker without auth:

Optionally, to set a password for the implicit `default` user account, connect to the running Redis instance and set a password:

Optionally, create an enabled `test_user` account with password `mypass` (if ACL is supported, Redis >= 6.0.0):

Optionally, create a disabled `test_user_disabled` account with password `mypass` (if ACL is supported, Redis >= 6.0.0):
## Verification Steps

1. Do: `use auxiliary/scanner/redis/redis_login`
2. Do: `set RHOSTS [ips]`
3. Do: `set PASS_FILE /home/kali/passwords.txt`
4. Do: `run`
## Options

### PASS_FILE

The file containing a list of passwords to try logging in with.