Giters

MXWXZ / redis-dos-exp

redis DoS exp

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Redis-DoS-Exploit

Redis DoS

Affected version: v2.8-7.0.5 (latest till now)

They think it is not a security problem, so no CVE assigned, and definitely it's safe to disclose the exploit :)

Usage

python exp.py -h

python exp.py --rhost=127.0.0.1 --lhost 127.0.0.1

Root cause

Function replicationResurrectCachedMaster does not check whether server.cached_master is NULL. It will lead to NULL pointer dereference when a server sends malformed data during replication.

Credit

Code based on @n0b0dyCN (https://github.com/n0b0dyCN/redis-rogue-server)

About

redis DoS exp

License:GNU General Public License v3.0

Languages

Language:Python 100.0%