top of page
Writer's pictureRohan A G
Sep 252 min read

Hack the Box: REDEEMER

Machine difficulty: Very Easy

Setting up the environment

Refer the blog on the machine MEOW to configure and connect to the HTB VPN.

 

Cracking REDEEMER

STEP 1: Launch the machine

In order to use the machine, we must first launch an instance of it. However, connecting to the VPN is necessary before the machine can be spawned. If you're unsure where to begin, take a look at my Meow walkthrough where I already discussed on the topic. You will be granted an IP address once you have joined and created a machine.

As seen above the machine is fired up.

The target machine is successfully responding to the ping requests.

 

 

STEP 2: Enumeration:



Enumeration can be done using nmap . The command is as shown in the above image. We see that port 6379 is open and running redis services.

Once done install the redis command line interface. The command for this would be sudo apt install redis-tools.

As shown above we have accessed the redis server. To know more information we can type info as shown below. This discloses the version, build id, etc.

As seen above we can view all keys and the flag key has the value of our required flag. We can obtain it by using the get key command: get flag.


And we now have our flag. Congrats you have pwned REDEEMER!!!!

1. Which TCP port is open on the machine?

6379


2. Which service is running on the port that is open on the machine?

redis


3. What type of database is Redis? Choose from the following options:

(i) In-memory Database, (ii) Traditional DatabaseIn-memory Database


4. Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments:

redis-cli


5. Which flag is used with the Redis command-line utility to specify the hostname? -h


6. Once connected to a Redis server, which command is used to obtain the information and statistics about the Redis server?

info


7. What is the version of the Redis server being used on the target machine?

5.0.7


8. Which command is used to select the desired database in Redis?

select


9. How many keys are present inside the database with index 0?

4


10. Which command is used to obtain all the keys in a database?

keys *

 

2 views0 comments

Recent Posts

See All

Comments

bottom of page