CVE-2025-49844 PoC — Redis 资源管理错误漏洞

Source

https://github.com/imbas007/CVE-2025-49844-Vulnerability-Scanner

Associated Vulnerability

Title:Redis 资源管理错误漏洞 (CVE-2025-49844)
Description:Redis是美国Redis公司的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值（Key-Value）存储数据库，并提供多种语言的API。 Redis 8.2.1及之前版本存在资源管理错误漏洞，该漏洞源于特制Lua脚本可操纵垃圾收集器，触发释放后重用，可能导致远程代码执行。

Readme

# CVE-2025-49844 (RediShell) Vulnerability Scanner

A comprehensive vulnerability scanner for testing Redis instances against the critical CVE-2025-49844 (RediShell) vulnerability.

## About the Vulnerability

- **CVE ID**: CVE-2025-49844
- **Name**: RediShell
- **CVSS Score**: 10.0 (Critical)
- **Type**: Use-After-Free (UAF) in Lua Interpreter
- **Impact**: Remote Code Execution (RCE)

### Vulnerable Versions

All Redis versions before:
- Redis 8.2.2
- Redis 8.0.4
- Redis 7.4.6
- Redis 7.2.11

## Installation

### Prerequisites

```bash
# Install Python dependencies
pip install redis colorama

# Or use virtual environment
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
```

## Usage

The scanner supports both single target and list scanning:

```bash
# Show help
python3 CVE-2025-49844-Vulnerability-Scanner.py -h

# Single target scan
python3 CVE-2025-49844-Vulnerability-Scanner.py -t 192.168.1.1:6379

# List target scan
python3 CVE-2025-49844-Vulnerability-Scanner.py -l targets.txt

# Single target with custom output
python3 CVE-2025-49844-Vulnerability-Scanner.py -t 192.168.1.1:6379 -o vuln.txt

# List scan with custom settings
python3 CVE-2025-49844-Vulnerability-Scanner.py -l targets.txt -w 20 --timeout 5 -o vuln.txt --json results.json
```

## Command Line Options

- `-t, --target TARGET` - Single target to scan (IP:PORT format)
- `-l, --list LIST` - File containing list of targets (one per line)
- `-w, --workers WORKERS` - Number of concurrent workers (default: 50)
- `--timeout TIMEOUT` - Connection timeout in seconds (default: 5)
- `-o, --output OUTPUT` - Output file for vulnerable targets (default: vuln.txt)
- `--json JSON` - Save detailed results to JSON file
- `--verbose` - Verbose output
- `-h, --help` - Show help message

## Features

- **Multiple Scanner Types**: Enhanced, single target, and multi-target scanners
- **Concurrent Scanning**: Configurable worker threads for efficient scanning
- **Version Detection**: Automatic Redis version detection
- **Lua Scripting Test**: Verifies if Lua scripting is enabled
- **Vulnerability Detection**: Identifies CVE-2025-49844 vulnerable versions
- **Output Formats**: Text and JSON output options
- **Color-coded Results**: Easy to read terminal output
- **Detailed Reporting**: Comprehensive scan results with metadata

sorce: https://github.com/raminfp

File Snapshot


 [4.0K]  /data/pocs/3f9a6a5478763a061831584083cdf1bfd09aa9fe
├── [ 16K]  CVE-2025-49844-Vulnerability-Scanner.py
├── [2.3K]  README.md
└── [  29]  requirements.txt

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!