Hello folks,
This blog focuses on a machine with the name “Redeemer” within HackTheBox’s Starting point tier 0. It has been classified as an easy-level challenge. Let’s proceed without any delay and begin the penetration testing process.
In this writeup, we will learn about a service called Redis, which you may come across in real-life pentesting.
There are a total of 11 tasks that we have to complete. So, let’s connect to the HTB network using OpenVPN and then use nmap to scan the machine’s IP.
nmap -p- -sS <Machine_IP>
Task 1
There is only one port open which is the answer to the first task.
Task 2
The next task asks for the name of the service, which you will get from the output of the Nmap scan.
Task 3
Now we need to do some research on this service using the Google Search Engine.
So we got our answer from here. Now let’s move towards the next task.
Task 4
We need to find the name of the command-line tool that we can use to interact with this service. I know the name of the tool, but you can also Google it. Knowing how to use search engines effectively is a powerful skill.
Task 5
Now, check out the help menu of the tool with the --help flag.
Task 6
Now let’s connect to the remote server with the following command.
redis-cli -h <Machine_IP>
Next we need information about the Redis server, so we use Google to find the command that returns it.
Task 7
Using the info command, let’s get the version of Redis Server.
Task 8
To select the desired database inside the Redis server, we will use the “select” command.
Task 9
Now we need to find the keys in the database with index 0. In the output of the info command, there was a heading named Keyspace, under which you will find the answer.
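The info output used in Tasks 7 and 9 is plain text, so the version and the per-database key counts can also be pulled out with a short script. This is an added example, not part of the original write-up: the sample output and its values are constructed, and parse_info and keyspace_counts are hypothetical helper names.

```python
# Constructed sample of INFO output (not taken from the Redeemer machine).
# Redis ends each line with CRLF and starts each section with "# Name".
SAMPLE_INFO = (
    "# Server\r\n"
    "redis_version:1.2.3\r\n"
    "tcp_port:6379\r\n"
    "\r\n"
    "# Keyspace\r\n"
    "db0:keys=7,expires=1,avg_ttl=0\r\n"
    "db3:keys=2,expires=0,avg_ttl=0\r\n"
)


def parse_info(text):
    """Split INFO output into {section: {field: value}}."""
    sections = {}
    current = sections.setdefault("", {})  # fields seen before any header
    for line in text.splitlines():  # splitlines() treats CRLF as one break
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            current = sections.setdefault(line.lstrip("# ").strip(), {})
            continue
        # Split on the first colon only: values may contain colons themselves.
        field, sep, value = line.partition(":")
        if sep:
            current[field] = value
    return sections


def keyspace_counts(sections):
    """Return {db_index: number_of_keys} from the Keyspace section."""
    counts = {}
    for name, stats in sections.get("Keyspace", {}).items():
        if not name.startswith("db"):
            continue
        pairs = dict(p.split("=", 1) for p in stats.split(",") if "=" in p)
        counts[int(name[2:])] = int(pairs.get("keys", 0))
    return counts


if __name__ == "__main__":
    info = parse_info(SAMPLE_INFO)
    print("version:", info["Server"]["redis_version"])
    for db, n in sorted(keyspace_counts(info).items()):
        print(f"db{db}: {n} keys")
```

Databases that hold no keys do not appear under Keyspace at all, so a missing index means an empty database.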
Task 10
To find or get all keys stored in the Redis server we need to run the following command:
keys *
Task 11
Now the final question is to get the flag. You saw in the above output that there was a key with the name Flag. So we can simply use the “get” command followed by the key name to get the value of that key.
This write-up is just an overview of Redis penetration testing. HackTheBox has created this awesome room “Redeemer” for this.
Happy Pentesting!!!
Team CyberiumX