Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Scan the whold internet and expolit all redis in the world.

432 views

Published on

Scan the whold internet and expolit all redis in the world.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Scan the whold internet and expolit all redis in the world.

  1. 1. REDIS @imfht Follow me at github.com/imfht
  2. 2. • • Redis • Redis •
  3. 3. 1. • IPv4 IP • • • IOT • • • …
  4. 4. 40 IP • • • IOT • • • • • 40 IP
  5. 5. • 40 IP • 4000000000 10% -400000000( ) • 400000000 1% -> 4000000( ) • 40000000 1% exploit -> 40000 ( )
  6. 6. 4
  7. 7. • Shodan.io – • Censys.io – Zmap • Zoomeye.org – • Fofa.so –
  8. 8. SHODAN.IO
  9. 9. CENSYS.IO
  10. 10. WWW.ZOOMEYE.ORG
  11. 11. FOFA.SO
  12. 12. • Getshell DDos
  13. 13. BOOM! • Zmap + ZGrab2+EvilPlugin
  14. 14. 2. REDIS • Redis ! • 6379 • IP
  15. 15. • Redis • Redis 1. SSH SSH 2. • • 1. 6379 2. Redis IP 127.0.0.1 3. Redis auth
  16. 16. REDIS
  17. 17. REDIS
  18. 18. REDIS
  19. 19. • 62.234.216.124 Redis • / C2 192.144.152.126 && 192.144.152.126:3390/run.sh
  20. 20. 3. REDIS • ZMAP • ZGrab2
  21. 21. WHY ZMAP • • Masscan – • Nmap – • Zmap • ( 45 ) • • censys.io • jinxu
  22. 22. ZGRAB • Zgrab2 zgrab • zgrab 443 TLS HTTP GET / • zmap -p 443 --output-fields=* | ztee results.csv | zgrab --port 443 --tls - http="/" --output-file=banners.json • ZGrab ZGrab ZGrab2
  23. 23. ZGRAB2 • ZGrab:Application layer scanner that operates with ZMap • ZGrab2: ZGrab 2.0 Framework • ZGrab2 • ZGrab2 bacnet, dnp3, fox, ftp, http, imap, ipp, modbus, mongodb, mssql, multiple, mysql, ntp, oracle, pop3, postgres, redis, siemens, smb, smtp, ssh, telnet or tls…
  24. 24. 4. • TODO
  25. 25. • • •
  26. 26. SMALL TIPS • Scan.io 22 80 443 • shodan censys zoomeye fofa API

×