🔑 Initial Access

1. Unauthenticated Redis Access

Access to the database was obtained directly through the Redis service, which was configured to allow connections without authentication.

Steps taken:

Connected to the Redis instance using redis-cli.
Verified access by running the info command.
Explored the keyspace to identify sensitive information.

2. Retrieving the Flag

The flag was found stored as a key inside the default database (db0).

Command:

10.129.80.36:6379> get flag

Next Step

🏁 Next Step: Flags & Completion →