CVE-2025-49844

This repository contains a functional proof-of-concept exploit for CVE-2025-49844 (RediShell), a Use-After-Free vulnerability in Redis's Lua interpreter. It includes a Dockerized vulnerable Redis instance (7.2.0) and a Python script to demonstrate the vulnerability through various test modes.

This repository contains a functional exploit for CVE-2025-49844, targeting a Use-After-Free (UAF) vulnerability in the Redis Lua interpreter. The exploit includes techniques for bypassing ASLR and DEP/NX, heap spraying, and executing arbitrary shellcode to achieve remote code execution (RCE).

This repository contains a functional proof-of-concept exploit for CVE-2025-49844 (RediShell), targeting Redis 8.2.1 on Alpine and Bookworm Docker images. The exploit leverages Lua script manipulation and garbage collection to achieve remote code execution.

This repository contains a functional proof-of-concept exploit for CVE-2025-49844 (RediShell), a Use-After-Free vulnerability in Redis's Lua interpreter. It includes a Dockerized vulnerable Redis instance (7.2.0) and a Python script to demonstrate the vulnerability.

The repository contains a functional exploit for CVE-2025-49844, a critical use-after-free vulnerability in Redis' Lua scripting engine, enabling authenticated attackers to achieve remote code execution via crafted Lua scripts.

This repository contains a functional exploit PoC for CVE-2025-49844 (RediShell), a Use-After-Free vulnerability in Redis's Lua interpreter leading to remote code execution. It includes a Dockerized vulnerable Redis instance (7.2.0) and a Python script to demonstrate the exploit.

The repository contains Python scripts for audio feature extraction (MFCC) and CSV processing, but no exploit code or technical details related to CVE-2025-49844. The files appear unrelated to Redis or any exploit.

The repository contains a scanner for CVE-2024-21762, a Fortinet SSL VPN vulnerability, which checks for the presence of the vulnerability without exploiting it. It includes Python scripts to send crafted HTTP requests and analyze responses to determine if a target is vulnerable.

This repository contains a functional PoC for CVE-2025-49844, demonstrating a Use-After-Free (UAF) vulnerability in Redis' Lua scripting engine. The exploit includes multiple modes to test basic UAF triggers, sandbox escape attempts, and memory corruption patterns.

This repository contains a Go-based scanner for detecting CVE-2025-49844, a use-after-free vulnerability in Redis versions 8.2.1 and older. The scanner checks for vulnerable Redis instances by testing Lua script execution capabilities but does not include exploit code.

This repository contains a Redis honeypot designed to detect exploitation attempts targeting CVE-2025-49844 (RediShell), a critical RCE vulnerability in Redis' Lua engine. The honeypot logs Lua script execution attempts without executing them, providing detailed telemetry for analysis.

This repository contains a Python-based scanner for detecting CVE-2025-49844, a Use-After-Free vulnerability in Redis' Lua interpreter. It checks for vulnerable versions, Lua scripting capabilities, and authentication requirements without exploiting the vulnerability.

This repository contains a Python-based scanner for detecting CVE-2025-49844, a vulnerability in Redis. The tool checks for vulnerable Redis versions and Lua scripting capabilities but does not include exploit code.

The repository contains a functional exploit for CVE-2025-49844, a critical use-after-free vulnerability in Redis' Lua scripting engine, enabling authenticated attackers to achieve remote code execution via crafted Lua scripts.

This repository contains scripts to audit AWS ElastiCache Redis/Valkey clusters for network exposure, specifically checking for internet-facing configurations via IGW routes. It does not exploit CVE-2025-49844 but scans for potential misconfigurations that could be leveraged in an attack.

This repository contains a functional PoC for CVE-2025-49844 (RediShell), a Use-After-Free vulnerability in Redis's Lua interpreter leading to RCE. It includes a Dockerized vulnerable Redis instance (7.2.0) and a Python exploit script demonstrating the vulnerability.

This repository contains a functional exploit PoC for CVE-2025-49844, targeting a use-after-free vulnerability in the Redis Lua interpreter. The exploit attempts to restore the 'print' function by calling 'luaopen_base' and includes multiple iterative attempts to achieve code execution.

The repository contains a functional exploit PoC for CVE-2025-49844, demonstrating SQL injection vulnerabilities in the DesiShop application. The vulnerable code is present in the HomeController.cs file, where user input is directly interpolated into SQL queries without proper sanitization.

The repository contains a functional Lua script exploiting CVE-2025-49844, a use-after-free vulnerability in Redis's Lua parser. The PoC manipulates garbage collection to trigger a crash or potential RCE by reusing freed chunk names during parsing.