Redeemer
Personal Rating: Very Easy
Enumeration
The first nmap scan was pretty straightforward:
sudo nmap -p- <IP>
PORT STATE SERVICE VERSION
6379/tcp open redis Redis key-value store 5.0.7
Discovering Redis
A little research on redis was necessary, then I installed redis-cli and got access to the database:
redis-cli -h <TARGETIP>
> INFO
> KEYS *
> GET flag
I could get access like that because anonymous login was allowed. As seen here, with some more research on how to navigate around Redis databases I could find the flag. Interesting to know here is, that Redis is an in-memory database.
INFO can be used to check the version and how many keys are there in each database.
KEYS * can be used to show all keys by name.
Last updated