Sometimes, while pentesting, we may come across a Redis installation that was left public unintentionally. In an unauthenticated Redis installation, the simplest thing to do is to write random files. In this recipe, we will see how to get the root access of Redis installations running without authentication.
Exploiting Redis
How to do it...
Let's perform the following steps:
- Telnet to the server to see whether a successful connection is possible:
telnet x.x.x.x 6379
The output of the preceding command is shown in the following screenshot:
- Generate our SSH key using the following command:
ssh-keygen -t rsa -C [email protected]
- Enter the file where we want to save it:
- Our key is generated; now we need to...