Port 6379 (REDIS)

Manual Enumeration

nc -vn 10.10.10.10 6379 
redis-cli -h 10.10.10.10 # sudo apt-get install redis-tools

The first command to try is INFO. It may return output with information about the Redis instance.

If something like the following is returned instead, you need valid credentials to access the Redis instance.

-NOAUTH Authentication required.
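
An added example, not part of the original page: a Python check for auditing Redis instances you operate. It sends INFO without authenticating and classifies the reply as open, auth-required or error. The function names, the probe() helper and the sample replies are assumptions constructed for this illustration.

```python
import socket

def classify_info_reply(raw: bytes) -> dict:
    """Classify the raw RESP reply a Redis server gave to an unauthenticated INFO."""
    first = raw.split(b"\r\n", 1)[0].decode(errors="replace")
    if first.startswith("-NOAUTH"):
        return {"state": "auth-required", "detail": first[1:]}
    if first.startswith("-"):            # any other RESP error line
        return {"state": "error", "detail": first[1:]}
    if first.startswith("$"):            # bulk string: INFO answered without AUTH
        body = raw.partition(b"\r\n")[2].decode(errors="replace")
        info = {}
        for line in body.splitlines():
            if line and not line.startswith("#") and ":" in line:
                key, value = line.split(":", 1)
                info[key] = value
        return {"state": "open", "detail": "INFO answered without AUTH", "info": info}
    return {"state": "unknown", "detail": repr(raw[:40])}

def read_reply(sock: socket.socket) -> bytes:
    """Read one reply; for a bulk string keep reading until its declared length."""
    buf = sock.recv(4096)
    if buf.startswith(b"$") and b"\r\n" in buf:
        head = buf.split(b"\r\n", 1)[0]
        need = len(head) + 2 + int(head[1:]) + 2
        while len(buf) < need:
            chunk = sock.recv(4096)
            if not chunk:
                break
            buf += chunk
    return buf

def probe(host: str, port: int = 6379, timeout: float = 3.0) -> dict:
    """Send INFO as a RESP array to an instance you operate and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(b"*1\r\n$4\r\nINFO\r\n")
        return classify_info_reply(read_reply(sock))

# Constructed sample replies, so the classifier can be exercised offline.
SAMPLE_BODY = b"# Server\r\nredis_version:7.0.0\r\nredis_mode:standalone\r\n"
SAMPLE_OPEN = b"$%d\r\n%s\r\n" % (len(SAMPLE_BODY), SAMPLE_BODY)
SAMPLE_NOAUTH = b"-NOAUTH Authentication required.\r\n"

if __name__ == "__main__":
    for name, raw in (("open", SAMPLE_OPEN), ("noauth", SAMPLE_NOAUTH)):
        print(name, classify_info_reply(raw))
```

A result of "open" from probe() means the instance answered INFO with no AUTH at all and should have a password or ACL users configured.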

Redis Authentication

By default, Redis can be accessed without credentials. However, it can be configured to require a password only, or a username and password.

If only a password is configured, the username used is "default". Also note that there is no way to determine externally whether Redis was configured with only a password or with a username and password.

In cases like this, you will need to find valid credentials to interact with Redis, so you could try to brute-force them.

Once you have found valid credentials, authenticate the session after establishing the connection with the command:

AUTH <username> <password>

Valid credentials are answered with: +OK

Authenticated enumeration

If the Redis server permits anonymous connections, or if you have obtained valid credentials, you can start enumerating the service with the following commands:

INFO
CLIENT LIST
CONFIG GET *
