mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-17 19:05:26 +00:00
4f93520e47
* rebase js-layer PR from @ice3man543 * package restructuring * working * fix duplicated event & matcher status * fix lint error * fix response field * add new functions * multiple minor improvements * fix incorrect stats in js protocol * sort output metadata in cli * remove temp files * remove dead code * add unit and integration test * fix lint error * add jsdoclint using llm * fix error in test * add js lint using llm * generate docs of libs * llm lint * remove duplicated docs * update generated docs * update prompt in doclint * update docs * temp disable version check test * fix unit test and add retry * fix panic in it * update and move jsdocs * updated jsdocs * update docs * update container platform in test * dir restructure and adding docs * add api_reference and remove markdown docs * fix imports * add javascript design and contribution docs * add js protocol documentation * update integration test and docs * update doc ext mdx->md * minor update to docs * new integration test and more * move go libs and add docs * gen new net docs and more * final docs update * add new devtool * use fastdialer * fix build fail * use fastdialer + network sandbox support * add reserved keyword 'Port' * update Port to new syntax * misc update * always enable templatectx in js protocol * move docs to 'js-proto-docs' repo * remove scrapefuncs binary --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
44 lines
887 B
YAML
44 lines
887 B
YAML
id: redis-pass-brute
|
|
info:
|
|
name: redis password bruteforce
|
|
author: tarunKoyalwar
|
|
severity: high
|
|
description: |
|
|
This template bruteforces passwords for protected redis instances.
|
|
If redis is not protected with password. it is also matched
|
|
metadata:
|
|
shodan-query: product:"redis"
|
|
|
|
|
|
javascript:
|
|
- pre-condition: |
|
|
isPortOpen(Host,Port)
|
|
|
|
code: |
|
|
var m = require("nuclei/redis");
|
|
m.GetServerInfoAuth(Host,Port,Password);
|
|
|
|
args:
|
|
Host: "{{Host}}"
|
|
Port: "6379"
|
|
Password: "{{passwords}}"
|
|
|
|
payloads:
|
|
passwords:
|
|
- ""
|
|
- root
|
|
- password
|
|
- admin
|
|
- iamadmin
|
|
stop-at-first-match: true
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "redis_version"
|
|
- type: word
|
|
negative: true
|
|
words:
|
|
- "redis_mode:sentinel"
|