Posts: 10 Threads: 0 Joined: N/A (July 24, 2022, 03:33 AM)rubymurakami Wrote: (July 24, 2022, 03:07 AM)blahblah Wrote: (July 24, 2022, 03:05 AM)Hacker2222 Wrote: bruh i give 1 hint on this place and suddenly an bunch of user flags get 0wn3d without you knowing how root. the file says it in the name. redis_CONNECTION_dev. if reddis needs auth, then why are u not looking at traffic???
bruh ........ :D :D :D
found the password copied the binary over Already Root it Posts: 9 Threads: 0 Joined: N/A (July 24, 2022, 04:16 AM)blahblah Wrote: (July 24, 2022, 03:33 AM)rubymurakami Wrote: (July 24, 2022, 03:07 AM)blahblah Wrote: (July 24, 2022, 03:05 AM)Hacker2222 Wrote: bruh i give 1 hint on this place and suddenly an bunch of user flags get 0wn3d without you knowing how root. the file says it in the name. redis_CONNECTION_dev. if reddis needs auth, then why are u not looking at traffic???
bruh ........ :D :D :D
found the password copied the binary over
Already Root it good job man, still stuck on this binary shit lmao Posts: 19 Threads: 0 Joined: N/A have root now :) AUTH PASSWORD: Hidden Content You must register or login to view this content. Posts: 16 Threads: 0 Joined: N/A I keep getting this error when trying to import my module to redis
"(error) ERR Error loading the extension. Please check the server logs."
Apperently a friend did it in the same way and it worked, anyone know whats going on? Posts: 56 Threads: 0 Joined: N/A (July 24, 2022, 04:20 AM)Truss46 Wrote: have root now :)
AUTH PASSWORD: have you got root? I'm stuck Posts: 10 Threads: 0 Joined: N/A (July 24, 2022, 04:18 AM)vinciwashere Wrote: (July 24, 2022, 04:16 AM)blahblah Wrote: (July 24, 2022, 03:33 AM)rubymurakami Wrote: (July 24, 2022, 03:07 AM)blahblah Wrote: (July 24, 2022, 03:05 AM)Hacker2222 Wrote: bruh i give 1 hint on this place and suddenly an bunch of user flags get 0wn3d without you knowing how root. the file says it in the name. redis_CONNECTION_dev. if reddis needs auth, then why are u not looking at traffic???
bruh ........ :D :D :D
found the password copied the binary over
Already Root it
good job man, still stuck on this binary shit lmao Look Bro install redis Then run it , Then Open wireshark listing on the loopback run the binary Then Follow this link after you got the cred : https://book.hacktricks.xyz/network-services-pentesting/6379-pentesting-redis Look at Load Redis Moudle Section .
(July 24, 2022, 04:21 AM)stefanivus Wrote: I keep getting this error when trying to import my module to redis
"(error) ERR Error loading the extension. Please check the server logs."
Apperently a friend did it in the same way and it worked, anyone know whats going on? Try to Upload the Hole Dir you have download then upload it to the machine, (run make in the machine not locally) Posts: 19 Threads: 0 Joined: N/A (July 24, 2022, 04:24 AM)blahblah Wrote: (July 24, 2022, 04:18 AM)vinciwashere Wrote: (July 24, 2022, 04:16 AM)blahblah Wrote: (July 24, 2022, 03:33 AM)rubymurakami Wrote: (July 24, 2022, 03:07 AM)blahblah Wrote: bruh ........ :D :D :D
found the password copied the binary over
Already Root it
good job man, still stuck on this binary shit lmao
Look Bro install redis Then run it , Then Open wireshark listing on the loopback run the binary Then Follow this link after you got the cred : https://book.hacktricks.xyz/network-services-pentesting/6379-pentesting-redis Look at RCE Section .
(July 24, 2022, 04:21 AM)stefanivus Wrote: I keep getting this error when trying to import my module to redis
"(error) ERR Error loading the extension. Please check the server logs."
Apperently a friend did it in the same way and it worked, anyone know whats going on?
Try to Upload the Hole Dir you download then run make in the machine not locally or download this file '/usr/local/bin/redis_connector_dev' and run this script import socket
HOST = "127.0.0.1"
PORT = 6379
def main():
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.bind((HOST, PORT))
s.listen()
conn, addr = s.accept()
with conn:
print(f"Connected by {addr}")
while True:
data = conn.recv(1024)
print(print(f"Received {data!r}"))
if not data:
break
conn.sendall(data)
if __name__ == '__main__':
main()
then this executable ./redis_connector_dev
https://thesecmaster.com/how-to-fix-cve-2022-0543-a-critical-lua-sandbox-escape-vulnerability-in-redis/ Posts: 16 Threads: 0 Joined: N/A (July 24, 2022, 04:24 AM)blahblah Wrote: (July 24, 2022, 04:18 AM)vinciwashere Wrote: (July 24, 2022, 04:16 AM)blahblah Wrote: (July 24, 2022, 03:33 AM)rubymurakami Wrote: (July 24, 2022, 03:07 AM)blahblah Wrote: bruh ........ :D :D :D
found the password copied the binary over
Already Root it
good job man, still stuck on this binary shit lmao
Look Bro install redis Then run it , Then Open wireshark listing on the loopback run the binary Then Follow this link after you got the cred : https://book.hacktricks.xyz/network-services-pentesting/6379-pentesting-redis Look at Load Redis Moudle Section .
(July 24, 2022, 04:21 AM)stefanivus Wrote: I keep getting this error when trying to import my module to redis
"(error) ERR Error loading the extension. Please check the server logs."
Apperently a friend did it in the same way and it worked, anyone know whats going on?
Try to Upload the Hole Dir you have download then upload it to the machine, (run make in the machine not locally) Sadly still not working Posts: 26 Threads: 0 Joined: N/A (July 24, 2022, 04:20 AM)Truss46 Wrote: have root now :)
AUTH PASSWORD: asedrawedrtstysr Posts: 35 Threads: 0 Joined: N/A (July 24, 2022, 04:20 AM)Truss46 Wrote: have root now :)
AUTH PASSWORD: cool |
