Redeemer — Tier 0 — HTB Starting Point

  Hello Everyone!!

In this blog we are going to PWN Redeemer the 4th machine of tier-0 in starting point

Redeemer is a Linux based machine from Hack The Box. It is a part of starting point path and its difficulty is marked as very easy.

First connect to the “Starting Point” vpn and spawn the machine to get the IP Address

The IP address of the machine is 10.129.65.177. Next, check the connection to the machine using PING

ping -c 4 10.129.65.177

Now to start with the Enumeration we do a nmap scan to find the open ports and services that are running on the IP address

nmap -sV -p- 10.129.65.177

• sV is for service detection
• -p- is for scanning all the ports

Here are the rersults of the nmap scan

As we can see that redis service is running on port 6379

What is Redis?

Redis is an in-memory data structure store, used as a distributed, in-memory key–value database, cache and message broker, with optional durability.

In Linux, redis-tools can be installed and redis-cli can be used to connect to remote Redis servers.

Installing Redis-cli

Now, to be able to interact remotely with the Redis server, we need to download the redis-cli utility. It can be downloaded using the following command :

sudo apt install redis-tools

Now to connect we need to use,

redis-cli -h {target_IP}

-h : specify the hostname of the target to connect to

Redis works on a key value model so after connecting we can enumerate keys

then use get flag to get the flag

Task 1

Task 2

Task 3

Task 4

Task 5

Task 6

Task 7

Task 8

Task 9

Task 10

Now Finally Submit The Flag That We Found Earlier

Congratulations!! You have Pwned The Machine