Port 6379 (REDIS)

Manual Enumeration

nc -vn 10.10.10.10 6379 
redis-cli -h 10.10.10.10 # sudo apt-get install redis-tools

The first command you could try is info. It may return output with information of the Redis instance

if something like the following is returned, this means that you need valid credentials to access the Redis instance.

-NOAUTH Authentication required.

Redis Authentication

By default Redis can be accessed without credentials. However, it can be configured to support only password, or username + password.

If only password is configured the username used is "default". Also, note that there is no way to find externally if Redis was configured with only password or username+password.

In cases like this one you will need to find valid credentials to interact with Redis so you could try to brute-force it.

In case you found valid credentials you need to authenticate the session after establishing the connection with the command:

AUTH <username> <password>

Valid credentials will be responded with: +OK

Authenticated enumeration

If the Redis server permits anonymous connections or if you have obtained valid credentials, you can initiate the enumeration process for the service using the following commands:

INFO
client list
CONFIG GET *

PreviousPORT 389,636,3268,3269 (LDAP)NextPort 6697 (IRCD)

Last updated 4 months ago

hashtagManual Enumeration

hashtagRedis Authentication

hashtagAuthenticated enumeration

Manual Enumeration

Redis Authentication

Authenticated enumeration