Redis Post Exploitation Due to Master and Slave Synchronisation¶

中文版本(Chinese version)

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker.

Redis which version starts from 4.0, prior to 5.0.5, can be exploit through the synchronisation between master and slave by an authenticated visitor.

Reference:

• https://2018.zeronights.ru/wp-content/uploads/materials/15-redis-post-exploitation.pdf

Vulnerability Environment¶

Execute following command to start a Redis server 4.0.14:

docker compose up -d

After server is started, you can connect to this server without credentials by redis-cli:

redis-cli -h your-ip

Exploit¶

Use this script to execute arbitrary commands: