Redeemer - Linux

Ping and nmap target Ip, this time we’ll use nmap -p- -sV {target Ip} to scan all 65,535 tcp ports instead of just the most popular 1000, this will result in us finding a 6379/tcp open redis port.

Redis (Remote Dictionary Server) is an open-source advanced NoSQL key-value data store used as a database, cache, and message broker. Usually used for short term storage of data that needs fast retrieval, backs up to hard drives to provide consistency.

The command-line interface (CLI) is a tool that gives you complete access to Redis’s data and functionalities if you’re developing a software/ tool that needs to interact with it

Redis-cli –help lists commands we can use, use redis-cli -h {target Ip} to connect to the redis server (-h specifies hostname)

Info will return information on the redis server, under # Keyspace we see db0 (database 0) and keys=4, this means there is a database with the index 0 with 4 keys, select the database with select 0

List all the keys present in the database with keys *, and use get {key name} to view the values stored for the corresponding key, in this case use get flag to view the value and capture the flag.