Mitigations

Modify redis.conf to disable dangerous commands:

rename-command FLUSHALL ""
rename-command CONFIG ""
rename-command EVAL ""

Create a dedicated redis system user and group for Redis operations:

$ groupadd -r redis && useradd -r -g redis redis

Modify redis.conf to add a password for Redis authentication:

requirepass mypassword

Modify redis.conf to allow access from localhost only:

bind 127.0.0.1

Set restrictive permissions on authorized_keys to prevent attackers from adding their public keys to this file:

$ chmod 400 ~/.ssh/authorized_keys
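
The settings above can be checked with a small audit script. This is an added example, not part of the original page: the function names and the FAIL message format are hypothetical, and accepting ::1 alongside 127.0.0.1 for bind is an assumption.

```shell
#!/bin/sh
# Added example: audit redis.conf and authorized_keys against the mitigations above.

# Print the value of the last uncommented occurrence of a directive.
conf_value() {  # $1 = redis.conf path, $2 = directive name (lowercase)
    awk -v d="$2" 'tolower($1) == d { $1 = ""; sub(/^[ \t]+/, ""); v = $0 }
                   END { print v }' "$1"
}

# Succeed only if the command has been renamed to the empty string.
cmd_disabled() {  # $1 = redis.conf path, $2 = command name (uppercase)
    awk -v c="$2" 'tolower($1) == "rename-command" && toupper($2) == c &&
                   $3 == "\"\"" { ok = 1 }
                   END { exit !ok }' "$1"
}

# Record one finding and print it.
fail() { echo "FAIL: $1"; findings=$((findings + 1)); }

# Print one FAIL line per missing mitigation; return the number of findings.
audit_redis_conf() {  # $1 = redis.conf path, $2 = authorized_keys path
    findings=0

    for cmd in FLUSHALL CONFIG EVAL; do
        cmd_disabled "$1" "$cmd" || fail "$cmd is not disabled via rename-command"
    done

    [ -n "$(conf_value "$1" requirepass)" ] || fail "requirepass is not set"

    bind=$(conf_value "$1" bind)
    case "$bind" in
        127.0.0.1|"127.0.0.1 ::1") ;;  # loopback only (::1 is an assumption)
        "") fail "no bind directive (expected bind 127.0.0.1)" ;;
        *)  fail "bind is '$bind' (expected 127.0.0.1)" ;;
    esac

    # Any write bit means the chmod 400 step has not been applied.
    if [ -e "$2" ] && [ -n "$(find "$2" \( -perm -200 -o -perm -020 -o -perm -002 \) -print)" ]; then
        fail "$2 is writable (expected mode 400)"
    fi

    return "$findings"
}
```

Source the file and run `audit_redis_conf /path/to/redis.conf ~/.ssh/authorized_keys`; an exit status of 0 means every check passed.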
