Module: Msf::Auxiliary::Redis

Includes:: Report, Scanner, Exploit::Remote::Tcp

Defined in:: lib/msf/core/auxiliary/redis.rb

Overview

This module provides methods for working with redis

Instance Attribute Summary

Attributes included from Exploit::Remote::Tcp

#sock

Instance Method Summary collapse

#initialize(info = {}) ⇒ Object

Initializes an instance of an auxiliary module that interacts with Redis.
#printable_redis_response(response_data, convert_whitespace = true) ⇒ Object
#read_timeout ⇒ Object
#redis_command(*commands) ⇒ Object
#report_redis(version) ⇒ Object

Instance Method Details

#initialize(info = {}) ⇒ `Object`

Initializes an instance of an auxiliary module that interacts with Redis

# File 'lib/msf/core/auxiliary/redis.rb', line 18

def initialize(info = {})
  super
  register_options(
    [
      Opt::RPORT(6379),
      OptString.new('PASSWORD', [false, 'Redis password for authentication test', 'foobared'])
    ]
  )

  register_advanced_options(
    [
      OptInt.new('READ_TIMEOUT', [true, 'Seconds to wait while reading redis responses', 2])
    ]
  )
end

#printable_redis_response(response_data, convert_whitespace = true) ⇒ `Object`


77
78
79

# File 'lib/msf/core/auxiliary/redis.rb', line 77

def printable_redis_response(response_data, convert_whitespace = true)
  Rex::Text.ascii_safe_hex(response_data, convert_whitespace)
end

#read_timeout ⇒ `Object`


34
35
36

# File 'lib/msf/core/auxiliary/redis.rb', line 34

def read_timeout
  datastore['READ_TIMEOUT']
end

#redis_command(*commands) ⇒ `Object`

# File 'lib/msf/core/auxiliary/redis.rb', line 48

def redis_command(*commands)
  command_string = printable_redis_response(commands.join(' '))
  unless (command_response = send_redis_command(*commands))
    vprint_error("No response to '#{command_string}'")
    return
  end
  if /(?<auth_response>ERR operation not permitted|NOAUTH Authentication required)/i =~ command_response
    fail_with(::Msf::Module::Failure::BadConfig, "#{peer} requires authentication but Password unset") unless datastore['Password']
    vprint_status("Requires authentication (#{printable_redis_response(auth_response, false)})")
    if (auth_response = send_redis_command('AUTH', datastore['PASSWORD']))
      unless auth_response =~ /\+OK/
        vprint_error("Authentication failure: #{printable_redis_response(auth_response)}")
        return
      end
      vprint_status("Authenticated")
      unless (command_response = send_redis_command(*commands))
        vprint_error("No response to '#{command_string}'")
        return
      end
    else
      vprint_status("Authentication failed; no response")
      return
    end
  end

  vprint_status("Redis command '#{command_string}' got '#{printable_redis_response(command_response)}'")
  command_response
end

#report_redis(version) ⇒ `Object`

# File 'lib/msf/core/auxiliary/redis.rb', line 38

def report_redis(version)
  report_service(
    host: rhost,
    port: rport,
    proto: 'tcp',
    name: 'redis',
    info: "version #{version}"
  )
end

Module: Msf::Auxiliary::Redis

Overview

Instance Attribute Summary

Attributes included from Exploit::Remote::Tcp

Instance Method Summary collapse

Methods included from Report

Methods included from Metasploit::Framework::Require

Methods included from Scanner

Methods included from Exploit::Remote::Tcp

Instance Method Details

#initialize(info = {}) ⇒ Object

#printable_redis_response(response_data, convert_whitespace = true) ⇒ Object

#read_timeout ⇒ Object

#redis_command(*commands) ⇒ Object

#report_redis(version) ⇒ Object

#initialize(info = {}) ⇒ `Object`

#printable_redis_response(response_data, convert_whitespace = true) ⇒ `Object`

#read_timeout ⇒ `Object`

#redis_command(*commands) ⇒ `Object`

#report_redis(version) ⇒ `Object`