Hi everyone
Today we are going to look at a box called Redeemer, which is rated Very Easy in terms of difficulty. This machine has three phases: Recon, Enumeration and Exploitation.
There are various tasks that need to be completed to solve the entire machine/box.
BOX Questions
Task 1 Which TCP port is open on the machine?
6379
Task 2 Which service is running on the port that is open on the machine?
redis
Task 3 What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database
In-memory Database
Task 4 Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments.
redis-cli
Task 5 Which flag is used with the Redis command-line utility to specify the hostname?
-h
Task 6 Once connected to a Redis server, which command is used to obtain the information and statistics about the Redis server?
info
Task 7 What is the version of the Redis server being used on the target machine?
5.0.7
Task 8 Which command is used to select the desired database in Redis?
select
Task 9 How many keys are present inside the database with index 0?
4
Task 10 Which command is used to obtain all the keys in a database?
keys *
Recon & Enumeration
Enumeration plays a very significant role in penetration testing: the more thoroughly you enumerate, the easier it becomes to get a foothold on the target.
First, we check whether the target is reachable with the ping command:
ping Target_IP

The ping output shows that the target is reachable.
Now let's run a port scan. For this we use Nmap, a popular port-scanning tool that reports which ports are open and the service behind each of them. The command is:
sudo nmap -sV Target_IP

The above output shows that port 6379 (the default Redis port) is open, and the redis service is running on it.
What is Redis?
Redis (REmote DIctionary Server) is an open-source advanced NoSQL key-value data store used as a database, cache, and message broker. The data is stored in a dictionary format as key-value pairs. It is typically used for short-term storage of data that needs fast retrieval. Redis also backs up data to disk to provide consistency.
The server
Redis runs as server-side software, so its core functionality is in its server component. The server listens for connections from clients, made programmatically or through the command-line interface.
The CLI
The command-line interface (CLI) is a powerful tool that gives you complete access to Redis's data and functionality, whether you are working from the terminal or developing software or a tool that needs to interact with it.
Database
The database is stored in the server's RAM to enable fast data access. Redis also writes the contents of the database to disk at varying intervals to persist it as a backup in case of failure.
redis-cli installation (Debian/Ubuntu): sudo apt install redis-tools
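To make the commands from the tasks concrete, here is an added example (not code from the writeup) that shows what redis-cli actually puts on the wire for INFO and KEYS *, decodes the server's RESP replies, and pulls the redis_version and the db0 key count out of the INFO output. The same logic is handy for an audit script that inventories exposed Redis instances or for writing an IDS signature on the request bytes. The server reply embedded below is constructed; its values are chosen to mirror the writeup's answers, not captured from the target.

```python
def encode_command(*args: str) -> bytes:
    """Serialize a command as a RESP array of bulk strings (what redis-cli sends)."""
    out = [f"*{len(args)}\r\n".encode()]
    for a in args:
        b = a.encode()
        out.append(b"$%d\r\n%s\r\n" % (len(b), b))
    return b"".join(out)

def decode_reply(buf: bytes):
    """Parse one RESP reply; returns (value, unconsumed bytes)."""
    kind, rest = buf[:1], buf[1:]
    line, _, rest = rest.partition(b"\r\n")
    if kind in (b"+", b"-"):          # simple string / error
        return line.decode(), rest
    if kind == b":":                  # integer
        return int(line), rest
    if kind == b"$":                  # bulk string; -1 means nil
        n = int(line)
        if n < 0:
            return None, rest
        return rest[:n].decode(), rest[n + 2:]   # skip trailing CRLF
    if kind == b"*":                  # array of nested replies
        items = []
        for _ in range(int(line)):
            item, rest = decode_reply(rest)
            items.append(item)
        return items, rest
    raise ValueError(f"unknown RESP type {kind!r}")

def parse_info(text: str) -> dict:
    """Flatten INFO output ('field:value' lines, '#' section headers) into a dict."""
    fields = {}
    for ln in text.splitlines():
        if ln and not ln.startswith("#") and ":" in ln:
            k, v = ln.split(":", 1)
            fields[k] = v
    return fields

def db_key_count(info: dict, db: int) -> int:
    """Read keys=N from the Keyspace entry 'dbN:keys=N,expires=...,avg_ttl=...'."""
    for part in info.get(f"db{db}", "").split(","):
        if part.startswith("keys="):
            return int(part[len("keys="):])
    return 0

# Constructed, trimmed INFO reply; version and key count mirror the writeup's answers.
SAMPLE_INFO = ("# Server\r\nredis_version:5.0.7\r\n\r\n"
               "# Keyspace\r\ndb0:keys=4,expires=0,avg_ttl=0\r\n")
SAMPLE_INFO_REPLY = b"$%d\r\n%s\r\n" % (len(SAMPLE_INFO), SAMPLE_INFO.encode())
# Constructed KEYS * reply with four placeholder key names.
SAMPLE_KEYS_REPLY = b"*4\r\n$2\r\nk1\r\n$2\r\nk2\r\n$2\r\nk3\r\n$2\r\nk4\r\n"
```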
Exploitation
Submit root flag
We have finally retrieved the flag value from the Redis database.
Key Takeaways
- Always enumerate properly.
- Do not use insecure logins like Anonymous or guest access.
If you enjoyed this post, share it with your friends and colleagues!