REDIS

OFFSEC - Proving Grounds - SYBARIS

10 October 2025·1959 words·10 mins

OFFSEC PG PRACTICE FTP REDIS NXC PWNKIT

FTP on port 21 allows anonymous login and is writable. Redis 5.0.9 on port 6379 is exploitable by uploading a Redis module via FTP and exploit Redis for pablo access, then use pwnkit (CVE-2021-4034) to escalate to root.

OFFSEC - Proving Grounds - WOMBO

20 September 2025·1898 words·9 mins

OFFSEC PG PRACTICE REDIS

Redis 5.0.9 on port 6379 has RCE vulnerability, exploiting it grants initial access as root user.

OFFSEC - Proving Grounds - BLACKGATE

18 August 2025·1478 words·7 mins

OSCP OFFSEC PG PRACTICE REDIS PWNKIT

Redis 4.0.14 on port 6379 exploited for initial access. linpeas.sh reveals pwnkit vulnerability (CVE-2021-4034) which leads to privilege escalation.