[记模拟渗透]-HackTheBoX-Tier0_Redeemer - 4

Feb 22, 2024#Web2Security #HackTheBox119

AI-generated summary

The task involves using nmap to scan a target IP address and identify an open TCP port. The service running on the port is identified as Redis, which is an in-memory database. The command-line utility used to interact with the Redis server is redis-cli, and the flag used to specify the hostname is -h. The command "info" is used to obtain information and statistics about the Redis server, and the version being used on the target machine is 5.0.7. The command "select" is used to choose a desired database in Redis, and the command "keys *" is used to obtain all keys in a database. The number of keys present in database index 0 is not specified in the provided information.

官方提示难度：Very Easy

nmap -sS -T4 -p0-65535 目标 IP

TASK 1
Which TCP port is open on the machine?
6379

TASK 2
Which service is running on the port that is open on the machine?
redis

TASK 3
What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database
In-memory Database

TASK 4
Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments.
redis-cli

TASK 5
Which flag is used with the Redis command-line utility to specify the hostname?
-h

TASK 6
Once connected to a Redis server, which command is used to obtain the information and statistics about the Redis server?
info

TASK 7
What is the version of the Redis server being used on the target machine?
5.0.7
使用 nmap 扫描，前面使用 - A 扫描的时候可以得到该题答案

TASK 8
Which command is used to select the desired database in Redis?
select

TASK 9
How many keys are present inside the database with index 0?

TASK 10
Which command is used to obtain all the keys in a database?
keys *

10.129.20.8:6379> keys *
1) "numb"
2) "flag"
3) "temp"
4) "stor"
(0.63s)
10.129.20.8:6379> get flag
"03e1d2b376c37ab3f5319922053953eb"