From 6ed596770538c9cb7c67c5fdf473fce9ad236eda Mon Sep 17 00:00:00 2001
From: shadow1ng <shadow1ng>
Date: Tue, 9 Mar 2021 17:00:06 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0redis=E8=BF=98=E5=8E=9Fdbname?=
 =?UTF-8?q?=E3=80=81dir?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Plugins/redis.go | 49 ++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 47 insertions(+), 2 deletions(-)

diff --git a/Plugins/redis.go b/Plugins/redis.go
index 766b6c0..2f48fb6 100644
--- a/Plugins/redis.go
+++ b/Plugins/redis.go
@@ -49,7 +49,7 @@ func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) {
 		result := fmt.Sprintf("[+] Redis:%s %s", realhost, pass)
 		common.LogSuccess(result)
 		flag = true
-		Expoilt(realhost, conn)
+		err = Expoilt(realhost, conn)
 	}
 	return flag, err
 }
@@ -74,12 +74,16 @@ func RedisUnauth(info *common.HostInfo) (flag bool, err error) {
 		result := fmt.Sprintf("[+] Redis:%s unauthorized", realhost)
 		common.LogSuccess(result)
 		flag = true
-		Expoilt(realhost, conn)
+		err = Expoilt(realhost, conn)
 	}
 	return flag, err
 }
 
 func Expoilt(realhost string, conn net.Conn) error {
+	dbfilename, dir, err := getconfig(conn)
+	if err != nil {
+		return err
+	}
 	flagSsh, flagCron, err := testwrite(conn)
 	if err != nil {
 		return err
@@ -117,6 +121,7 @@ func Expoilt(realhost string, conn net.Conn) error {
 			}
 		}
 	}
+	recoverdb(dbfilename, dir, conn)
 	return err
 }
 
@@ -287,3 +292,43 @@ func testwrite(conn net.Conn) (flag bool, flagCron bool, err error) {
 	}
 	return flag, flagCron, err
 }
+
+func getconfig(conn net.Conn) (dbfilename string, dir string, err error) {
+	_, err = conn.Write([]byte(fmt.Sprintf("CONFIG GET dbfilename\r\n")))
+	if err != nil {
+		return
+	}
+	dbfilename, err = readreply(conn)
+	if err != nil {
+		return
+	}
+	_, err = conn.Write([]byte(fmt.Sprintf("CONFIG GET dir\r\n")))
+	if err != nil {
+		return
+	}
+	dir, err = readreply(conn)
+	if err != nil {
+		return
+	}
+	return
+}
+
+func recoverdb(dbfilename string, dir string, conn net.Conn) (err error) {
+	_, err = conn.Write([]byte(fmt.Sprintf("CONFIG SET dbfilename %s\r\n", dbfilename)))
+	if err != nil {
+		return
+	}
+	dbfilename, err = readreply(conn)
+	if err != nil {
+		return
+	}
+	_, err = conn.Write([]byte(fmt.Sprintf("CONFIG SET dir %s\r\n", dir)))
+	if err != nil {
+		return
+	}
+	dir, err = readreply(conn)
+	if err != nil {
+		return
+	}
+	return
+}