Physical attacks
Mobile Apps Pentesting
Pentesting

11211 - Pentesting Memcache

Protocol Information

Memcached (pronunciation: mem-cashed, mem-cash-dee) is a general-purpose distributed memory caching system. It is often used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source (such as a database or API) must be read. (From wikipedia) Although Memcached supports SASL, most instances are exposed without authentication.

Default port: 11211

PORT STATE SERVICE
11211/tcp open unknown

Enumeration

nmap --script memcached-info -p 11211 <IP>
msf > use auxiliary/gather/memcached_extractor
echo -e "stats\n" | nc -vn <IP> 11211

Tool to obtain more information: go-derper.rb