Module: Msf::Auxiliary::Redis
- Includes:
- Report, Scanner, Exploit::Remote::Tcp
- Defined in:
- lib/msf/core/auxiliary/redis.rb
Overview
This module provides methods for working with redis
Instance Attribute Summary
Attributes included from Exploit::Remote::Tcp
Instance Method Summary collapse
-
#initialize(info = {}) ⇒ Object
Initializes an instance of an auxiliary module that interacts with Redis.
- #printable_redis_response(response_data, convert_whitespace = true) ⇒ Object
- #read_timeout ⇒ Object
- #redis_command(*commands) ⇒ Object
- #report_redis(version) ⇒ Object
Methods included from Report
#active_db?, #create_cracked_credential, #create_credential, #create_credential_and_login, #create_credential_login, #db, #db_warning_given?, #get_client, #get_host, #inside_workspace_boundary?, #invalidate_login, #mytask, #myworkspace, #myworkspace_id, #report_auth_info, #report_client, #report_exploit, #report_host, #report_loot, #report_note, #report_service, #report_vuln, #report_web_form, #report_web_page, #report_web_site, #report_web_vuln, #store_cred, #store_local, #store_loot
Methods included from Metasploit::Framework::Require
optionally, optionally_active_record_railtie, optionally_include_metasploit_credential_creation, #optionally_include_metasploit_credential_creation, optionally_require_metasploit_db_gem_engines
Methods included from Scanner
#add_delay_jitter, #check, #has_check?, #has_fatal_errors?, #peer, #run, #scanner_handle_fatal_errors, #scanner_progress, #scanner_show_progress, #seppuko!
Methods included from Exploit::Remote::Tcp
#chost, #cleanup, #connect, #connect_timeout, #cport, #deregister_tcp_options, #disconnect, #handler, #lhost, #lport, #peer, #print_prefix, #proxies, #rhost, #rport, #set_tcp_evasions, #shutdown, #ssl, #ssl_cipher, #ssl_verify_mode, #ssl_version
Instance Method Details
#initialize(info = {}) ⇒ Object
Initializes an instance of an auxiliary module that interacts with Redis
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/msf/core/auxiliary/redis.rb', line 18 def initialize(info = {}) super ( [ Opt::RPORT(6379), OptString.new('PASSWORD', [false, 'Redis password for authentication test', 'foobared']) ] ) ( [ OptInt.new('READ_TIMEOUT', [true, 'Seconds to wait while reading redis responses', 2]) ] ) end |
#printable_redis_response(response_data, convert_whitespace = true) ⇒ Object
77 78 79 |
# File 'lib/msf/core/auxiliary/redis.rb', line 77 def printable_redis_response(response_data, convert_whitespace = true) Rex::Text.ascii_safe_hex(response_data, convert_whitespace) end |
#read_timeout ⇒ Object
34 35 36 |
# File 'lib/msf/core/auxiliary/redis.rb', line 34 def read_timeout datastore['READ_TIMEOUT'] end |
#redis_command(*commands) ⇒ Object
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/msf/core/auxiliary/redis.rb', line 48 def redis_command(*commands) command_string = printable_redis_response(commands.join(' ')) unless (command_response = send_redis_command(*commands)) vprint_error("No response to '#{command_string}'") return end if /(?<auth_response>ERR operation not permitted|NOAUTH Authentication required)/i =~ command_response fail_with(::Msf::Module::Failure::BadConfig, "#{peer} requires authentication but Password unset") unless datastore['Password'] vprint_status("Requires authentication (#{printable_redis_response(auth_response, false)})") if (auth_response = send_redis_command('AUTH', datastore['PASSWORD'])) unless auth_response =~ /\+OK/ vprint_error("Authentication failure: #{printable_redis_response(auth_response)}") return end vprint_status("Authenticated") unless (command_response = send_redis_command(*commands)) vprint_error("No response to '#{command_string}'") return end else vprint_status("Authentication failed; no response") return end end vprint_status("Redis command '#{command_string}' got '#{printable_redis_response(command_response)}'") command_response end |
#report_redis(version) ⇒ Object
38 39 40 41 42 43 44 45 46 |
# File 'lib/msf/core/auxiliary/redis.rb', line 38 def report_redis(version) report_service( host: rhost, port: rport, proto: 'tcp', name: 'redis', info: "version #{version}" ) end |