Exploit Notes

Memcache Pentesting

Last modified: 2023-02-23

Web

Memcached is a general-purpose distributed memory caching system. A default port is 11211.

Communication

We can communicate with memcache server using Netcat.

nc -vn <ip> 11211
Connection to <ip> 11211 port [tcp/*] succeeded!

# Commands in nc
version
stats
stats slabs
stats items
stats cachedump <number> 0
stats cachedump 1 0
get <item_name>

Tools by HDKS

Fuzzagotchi

Automatic web fuzzer.

aut0rec0n

Auto reconnaissance CLI.

Hash Cracker

Hash identifier.