Skip to content
/ redis-ssrf Public
forked from xmsec/redis-ssrf

redis ssrf gopher generater && redis ssrf to rce by master-slave-sync

License

Apache-2.0 license
2 stars 18 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Y4tacker/redis-ssrf

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
rogue-server.py
rogue-server.py
 
 
ssrf-redis.py
ssrf-redis.py
 
 

Repository files navigation

redis-ssrf

  1. ssrf to write files. eg: webshell and ssh key
  2. ssrf to rce 4.x - 5.x

Requirements

ssrf-redis.py : python2.x 3.x

rogue-server.py : python2.x (lazy

Usage

implememt for demo.

plz read generate_payload function and change payload.

for rce usage:

  1. change lhost, lport and command, then
    > python ssrf-redis.py
    > gopher://xxxxx

  2. triger ssrf

  3. meanwhile on vps
    > python rogue-server.py
    > Accepted connection from 192.168.x.x

(Need to compile a module named exp.so at first or download other's and store it with rogue-server.py)

Reference

Inspired by https://github.com/n0b0dyCN/redis-rogue-server

Also, modified from https://xz.aliyun.com/t/5665

About

redis ssrf gopher generater && redis ssrf to rce by master-slave-sync

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%