hacktricks/network-services-pentesting/11211-memcache/README.md

# 11211 - Pentesting Memcache

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

## Protocol Information

From [wikipedia](https://en.wikipedia.org/wiki/Memcached):

> **Memcached** (izgovor: mem-kesd, mem-keš-di) je sistem za keširanje u memoriji opšte namene. Često se koristi za ubrzavanje dinamičkih veb sajtova koji koriste baze podataka keširanjem podataka i objekata u RAM-u kako bi se smanjio broj puta kada se mora čitati spoljni izvor podataka (kao što su baza podataka ili API).

Iako Memcached podržava SASL, većina instanci je **izložena bez autentifikacije**.

**Podrazumevani port:** 11211
```
PORT      STATE SERVICE
11211/tcp open  unknown
```
## Enumeration

### Manual

Da biste ekfiltrirali sve informacije sačuvane unutar memcache instance, potrebno je:

1. Pronaći **slabs** sa **aktivnim stavkama**
2. Dobiti **imena ključeva** slabova otkrivenih ranije
3. Ekfiltrirati **sačuvane podatke** dobijanjem **imena ključeva**

Zapamtite da je ova usluga samo **cache**, tako da **podatci mogu da se pojavljuju i nestaju**.
```bash
echo "version" | nc -vn -w 1 <IP> 11211      #Get version
echo "stats" | nc -vn -w 1 <IP> 11211        #Get status
echo "stats slabs" | nc -vn -w 1 <IP> 11211  #Get slabs
echo "stats items" | nc -vn -w 1 <IP> 11211  #Get items of slabs with info
echo "stats cachedump <number> 0" | nc -vn -w 1 <IP> 11211  #Get key names (the 0 is for unlimited output size)
echo "get <item_name>" | nc -vn -w 1 <IP> 11211  #Get saved info

#This php will just dump the keys, you need to use "get <item_name> later"
sudo apt-get install php-memcached
php -r '$c = new Memcached(); $c->addServer("localhost", 11211); var_dump( $c->getAllKeys() );'
```
### Manual2
```bash
sudo apt install libmemcached-tools
memcstat --servers=127.0.0.1 #Get stats
memcdump --servers=127.0.0.1 #Get all items
memccat  --servers=127.0.0.1 <item1> <item2> <item3> #Get info inside the item(s)
```
### Automatski
```bash
nmap -n -sV --script memcached-info -p 11211 <IP>   #Just gather info
msf > use auxiliary/gather/memcached_extractor      #Extracts saved data
msf > use auxiliary/scanner/memcached/memcached_amp #Check is UDP DDoS amplification attack is possible
```
## **Dumping Memcache Keys**

U oblasti memcache, protokola koji pomaže u organizovanju podataka po slabovima, postoje specifične komande za inspekciju sačuvanih podataka, iako sa značajnim ograničenjima:

1. Ključevi se mogu dumpovati samo po slab klasi, grupišući ključeve slične veličine sadržaja.
2. Postoji ograničenje od jedne stranice po slab klasi, što odgovara 1MB podataka.
3. Ova funkcija je neslužbena i može biti ukinuta u bilo kojem trenutku, kao što je raspravljeno na [forumima zajednice](https://groups.google.com/forum/?fromgroups=#!topic/memcached/1-T8I-RVGKM).

Ograničenje dumpovanja samo 1MB iz potencijalno gigabajta podataka je posebno značajno. Ipak, ova funkcionalnost može pružiti uvide u obrasce korišćenja ključeva, u zavisnosti od specifičnih potreba. Za one koji su manje zainteresovani za mehaniku, poseta [odeljku sa alatima](https://lzone.de/cheat-sheet/memcached#tools) otkriva alate za sveobuhvatan dump. Alternativno, proces korišćenja telnet-a za direktnu interakciju sa memcached postavkama je opisan u nastavku.

### **How it Works**

Organizacija memorije u memcache-u je ključna. Pokretanje memcache-a sa opcijom "-vv" otkriva slab klase koje generiše, kao što je prikazano u nastavku:
```bash
$ memcached -vv
slab class   1: chunk size        96 perslab   10922
[...]
```
Da biste prikazali sve trenutno postojeće slabove, koristi se sledeća komanda:
```bash
stats slabs
```
Dodavanje jednog ključa u memcached 1.4.13 ilustruje kako se slab klase popunjavaju i upravljaju. Na primer:
```bash
set mykey 0 60 1
1
STORED
```
Izvršavanje komande "stats slabs" nakon dodavanja ključa daje detaljnu statistiku o korišćenju slabova:
```bash
stats slabs
[...]
```
Ovaj izlaz otkriva aktivne tipove slabova, korišćene delove i operativne statistike, pružajući uvide u efikasnost operacija čitanja i pisanja.

Još jedna korisna komanda, "stats items", pruža podatke o evikcijama, ograničenjima memorije i životnim ciklusima stavki:
```bash
stats items
[...]
```
Ove statistike omogućavaju obrazložene pretpostavke o ponašanju keširanja aplikacija, uključujući efikasnost keša za različite veličine sadržaja, alokaciju memorije i kapacitet za keširanje velikih objekata.

### **Dumping Keys**

Za verzije pre 1.4.31, ključevi se dumpuju po slab klasi koristeći:
```bash
stats cachedump <slab class> <number of items to dump>
```
Na primer, da biste dumpovali ključ u klasi #1:
```bash
stats cachedump 1 1000
ITEM mykey [1 b; 1350677968 s]
END
```
Ova metoda prolazi kroz slab klase, izvlačeći i opcionalno dumpujući ključne vrednosti.

### **DUMPING MEMCACHE KEYS (VER 1.4.31+)**

Sa verzijom memcache 1.4.31 i iznad, uvedena je nova, sigurnija metoda za dumpovanje ključeva u produkcionom okruženju, koristeći neblokirajući režim kao što je detaljno opisano u [release notes](https://github.com/memcached/memcached/wiki/ReleaseNotes1431). Ovaj pristup generiše opsežan izlaz, stoga se preporučuje korišćenje 'nc' komande za efikasnost. Primeri uključuju:
```bash
echo 'lru_crawler metadump all' | nc 127.0.0.1 11211 | head -1
echo 'lru_crawler metadump all' | nc 127.0.0.1 11211 | grep ee6ba58566e234ccbbce13f9a24f9a28
```
### **DUMPING TOOLS**

Table [from here](https://lzone.de/blog).

| Programming Languages | Tools                                                                                                                              | Functionality                                                                                                                                                          |                                                                             |         |
| --------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- | ------- |
| PHP                   | [simple script](http://snipt.org/xtP)                                                                                              | Štampa imena ključeva.                                                                                                                                               |                                                                             |         |
| Perl                  | [simple script](https://wiki.jasig.org/download/attachments/13572172/memcached-clean.pl?version=1\&modificationDate=1229693957401) | Štampa ključeve i vrednosti                                                                                                                                          |                                                                             |         |
| Ruby                  | [simple script](https://gist.github.com/1365005)                                                                                   | Štampa imena ključeva.                                                                                                                                               |                                                                             |         |
| Perl                  | [memdump](https://search.cpan.org/\~dmaki/Memcached-libmemcached-0.4202/src/libmemcached/docs/memdump.pod)                         | Alat u CPAN modulu                                                                                                                                                  | [Memcached-libmemcached](https://search.cpan.org/\~dmaki/Memcached-libmemc) | ached/) |
| PHP                   | [memcache.php](http://livebookmark.net/journal/2008/05/21/memcachephp-stats-like-apcphp/)                                          | Memcache Monitoring GUI koji takođe omogućava dumpovanje ključeva                                                                                                   |                                                                             |         |
| libmemcached          | [peep](http://blog.evanweaver.com/2009/04/20/peeping-into-memcached/)                                                              | **Zamrzava vaš memcached proces!!!** Budite oprezni kada to koristite u produkciji. I dalje, koristeći to možete zaobići ograničenje od 1MB i stvarno dumpovati **sve** ključeve. |                                                                             |         |

## Troubleshooting <a href="#troubleshooting" id="troubleshooting"></a>

### 1MB Data Limit <a href="#1mb-data-limit" id="1mb-data-limit"></a>

Napomena da pre memcached 1.4 ne možete čuvati objekte veće od 1MB zbog podrazumevane maksimalne veličine slab.

### Never Set a Timeout > 30 Days! <a href="#never-set-a-timeout--30-days" id="never-set-a-timeout--30-days"></a>

Ako pokušate da “set” ili “add” ključ sa vremenskim ograničenjem većim od dozvoljenog maksimuma, možda nećete dobiti ono što očekujete jer memcached tada tretira vrednost kao Unix vremensku oznaku. Takođe, ako je vremenska oznaka u prošlosti, neće učiniti ništa. Vaša komanda će tiho propasti.

Dakle, ako želite da koristite maksimalni vek, navedite 2592000. Primer:
```
set my_key 0 2592000 1
1
```
### Disappearing Keys on Overflow <a href="#disappearing-keys-on-overflow" id="disappearing-keys-on-overflow"></a>

Iako dokumentacija kaže nešto o prebacivanju oko 64bit prelivanja vrednosti koristeći “incr”, to uzrokuje da vrednost nestane. Potrebno je ponovo je kreirati koristeći “add”/”set”.

### Replication <a href="#replication" id="replication"></a>

memcached sam ne podržava replikaciju. Ako vam je zaista potrebna, morate koristiti rešenja trećih strana:

* [repcached](http://repcached.lab.klab.org/): Multi-master async replikacija (memcached 1.2 patch set)
* [Couchbase memcached interface](http://www.couchbase.com/memcached): Koristite CouchBase kao memcached drop-in
* [yrmcds](https://cybozu.github.io/yrmcds/): memcached kompatibilan Master-Slave key value store
* [twemproxy](https://github.com/twitter/twemproxy) (aka nutcracker): proxy sa memcached podrškom

### Commands Cheat-Sheet

{% content-ref url="memcache-commands.md" %}
[memcache-commands.md](memcache-commands.md)
{% endcontent-ref %}

### **Shodan**

* `port:11211 "STAT pid"`
* `"STAT pid"`

## References

* [https://lzone.de/cheat-sheet/memcached](https://lzone.de/cheat-sheet/memcached)

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`# 11211 - Pentesting Memcache`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`<details>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`<summary>Support HackTricks</summary>`
arte 2024-02-03 01:15:34 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
			`</details>`
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`{% endhint %}`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`## Protocol Information`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`From [wikipedia](https://en.wikipedia.org/wiki/Memcached):`
a 2024-02-08 21:36:15 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`> Memcached (izgovor: mem-kesd, mem-keš-di) je sistem za keširanje u memoriji opšte namene. Često se koristi za ubrzavanje dinamičkih veb sajtova koji koriste baze podataka keširanjem podataka i objekata u RAM-u kako bi se smanjio broj puta kada se mora čitati spoljni izvor podataka (kao što su baza podataka ili API).`
a 2024-02-08 21:36:15 +00:00
Translated to Serbian 2024-02-10 13:11:20 +00:00			`Iako Memcached podržava SASL, većina instanci je izložena bez autentifikacije.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated to Serbian 2024-02-10 13:11:20 +00:00			`Podrazumevani port: 11211`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			```
			`PORT STATE SERVICE`
			`11211/tcp open unknown`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`## Enumeration`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Manual`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Da biste ekfiltrirali sve informacije sačuvane unutar memcache instance, potrebno je:`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`1. Pronaći slabs sa aktivnim stavkama`
			`2. Dobiti imena ključeva slabova otkrivenih ranije`
			`3. Ekfiltrirati sačuvane podatke dobijanjem imena ključeva`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Zapamtite da je ova usluga samo cache, tako da podatci mogu da se pojavljuju i nestaju.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			```bash
			`echo "version" \| nc -vn -w 1 <IP> 11211 #Get version`
			`echo "stats" \| nc -vn -w 1 <IP> 11211 #Get status`
			`echo "stats slabs" \| nc -vn -w 1 <IP> 11211 #Get slabs`
			`echo "stats items" \| nc -vn -w 1 <IP> 11211 #Get items of slabs with info`
			`echo "stats cachedump <number> 0" \| nc -vn -w 1 <IP> 11211 #Get key names (the 0 is for unlimited output size)`
			`echo "get <item_name>" \| nc -vn -w 1 <IP> 11211 #Get saved info`

			`#This php will just dump the keys, you need to use "get <item_name> later"`
			`sudo apt-get install php-memcached`
			`php -r '$c = new Memcached(); $c->addServer("localhost", 11211); var_dump( $c->getAllKeys() );'`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Manual2`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			```bash
			`sudo apt install libmemcached-tools`
			`memcstat --servers=127.0.0.1 #Get stats`
			`memcdump --servers=127.0.0.1 #Get all items`
			`memccat --servers=127.0.0.1 <item1> <item2> <item3> #Get info inside the item(s)`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Automatski`
Translated to Serbian 2024-02-10 13:11:20 +00:00			```bash
			`nmap -n -sV --script memcached-info -p 11211 <IP> #Just gather info`
			`msf > use auxiliary/gather/memcached_extractor #Extracts saved data`
			`msf > use auxiliary/scanner/memcached/memcached_amp #Check is UDP DDoS amplification attack is possible`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`## Dumping Memcache Keys`
Translated to Serbian 2024-02-10 13:11:20 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`U oblasti memcache, protokola koji pomaže u organizovanju podataka po slabovima, postoje specifične komande za inspekciju sačuvanih podataka, iako sa značajnim ograničenjima:`
Translated to Serbian 2024-02-10 13:11:20 +00:00
			`1. Ključevi se mogu dumpovati samo po slab klasi, grupišući ključeve slične veličine sadržaja.`
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`2. Postoji ograničenje od jedne stranice po slab klasi, što odgovara 1MB podataka.`
			`3. Ova funkcija je neslužbena i može biti ukinuta u bilo kojem trenutku, kao što je raspravljeno na [forumima zajednice](https://groups.google.com/forum/?fromgroups=#!topic/memcached/1-T8I-RVGKM).`
Translated to Serbian 2024-02-10 13:11:20 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Ograničenje dumpovanja samo 1MB iz potencijalno gigabajta podataka je posebno značajno. Ipak, ova funkcionalnost može pružiti uvide u obrasce korišćenja ključeva, u zavisnosti od specifičnih potreba. Za one koji su manje zainteresovani za mehaniku, poseta [odeljku sa alatima](https://lzone.de/cheat-sheet/memcached#tools) otkriva alate za sveobuhvatan dump. Alternativno, proces korišćenja telnet-a za direktnu interakciju sa memcached postavkama je opisan u nastavku.`
Translated to Serbian 2024-02-10 13:11:20 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### How it Works`
Translated to Serbian 2024-02-10 13:11:20 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Organizacija memorije u memcache-u je ključna. Pokretanje memcache-a sa opcijom "-vv" otkriva slab klase koje generiše, kao što je prikazano u nastavku:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`$ memcached -vv`
			`slab class 1: chunk size 96 perslab 10922`
			`[...]`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Da biste prikazali sve trenutno postojeće slabove, koristi se sledeća komanda:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`stats slabs`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Dodavanje jednog ključa u memcached 1.4.13 ilustruje kako se slab klase popunjavaju i upravljaju. Na primer:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`set mykey 0 60 1`
			`1`
			`STORED`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Izvršavanje komande "stats slabs" nakon dodavanja ključa daje detaljnu statistiku o korišćenju slabova:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`stats slabs`
a 2024-02-08 21:36:15 +00:00			`[...]`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Ovaj izlaz otkriva aktivne tipove slabova, korišćene delove i operativne statistike, pružajući uvide u efikasnost operacija čitanja i pisanja.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Još jedna korisna komanda, "stats items", pruža podatke o evikcijama, ograničenjima memorije i životnim ciklusima stavki:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`stats items`
a 2024-02-08 21:36:15 +00:00			`[...]`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Ove statistike omogućavaju obrazložene pretpostavke o ponašanju keširanja aplikacija, uključujući efikasnost keša za različite veličine sadržaja, alokaciju memorije i kapacitet za keširanje velikih objekata.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Dumping Keys`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Za verzije pre 1.4.31, ključevi se dumpuju po slab klasi koristeći:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`stats cachedump <slab class> <number of items to dump>`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Na primer, da biste dumpovali ključ u klasi #1:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`stats cachedump 1 1000`
			`ITEM mykey [1 b; 1350677968 s]`
			`END`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Ova metoda prolazi kroz slab klase, izvlačeći i opcionalno dumpujući ključne vrednosti.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### DUMPING MEMCACHE KEYS (VER 1.4.31+)`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Sa verzijom memcache 1.4.31 i iznad, uvedena je nova, sigurnija metoda za dumpovanje ključeva u produkcionom okruženju, koristeći neblokirajući režim kao što je detaljno opisano u [release notes](https://github.com/memcached/memcached/wiki/ReleaseNotes1431). Ovaj pristup generiše opsežan izlaz, stoga se preporučuje korišćenje 'nc' komande za efikasnost. Primeri uključuju:`
a 2024-02-08 21:36:15 +00:00			```bash
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			`echo 'lru_crawler metadump all' \| nc 127.0.0.1 11211 \| head -1`
			`echo 'lru_crawler metadump all' \| nc 127.0.0.1 11211 \| grep ee6ba58566e234ccbbce13f9a24f9a28`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### DUMPING TOOLS`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Table [from here](https://lzone.de/blog).`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`\| Programming Languages \| Tools \| Functionality \| \| \|`
			`\| --------------------- \| ---------------------------------------------------------------------------------------------------------------------------------- \| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- \| --------------------------------------------------------------------------- \| ------- \|`
			`\| PHP \| [simple script](http://snipt.org/xtP) \| Štampa imena ključeva. \| \| \|`
			`\| Perl \| [simple script](https://wiki.jasig.org/download/attachments/13572172/memcached-clean.pl?version=1\&modificationDate=1229693957401) \| Štampa ključeve i vrednosti \| \| \|`
			`\| Ruby \| [simple script](https://gist.github.com/1365005) \| Štampa imena ključeva. \| \| \|`
			`\| Perl \| [memdump](https://search.cpan.org/\~dmaki/Memcached-libmemcached-0.4202/src/libmemcached/docs/memdump.pod) \| Alat u CPAN modulu \| [Memcached-libmemcached](https://search.cpan.org/\~dmaki/Memcached-libmemc) \| ached/) \|`
			`\| PHP \| [memcache.php](http://livebookmark.net/journal/2008/05/21/memcachephp-stats-like-apcphp/) \| Memcache Monitoring GUI koji takođe omogućava dumpovanje ključeva \| \| \|`
			`\| libmemcached \| [peep](http://blog.evanweaver.com/2009/04/20/peeping-into-memcached/) \| Zamrzava vaš memcached proces!!! Budite oprezni kada to koristite u produkciji. I dalje, koristeći to možete zaobići ograničenje od 1MB i stvarno dumpovati sve ključeve. \| \| \|`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`## Troubleshooting <a href="#troubleshooting" id="troubleshooting"></a>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### 1MB Data Limit <a href="#1mb-data-limit" id="1mb-data-limit"></a>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Napomena da pre memcached 1.4 ne možete čuvati objekte veće od 1MB zbog podrazumevane maksimalne veličine slab.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Never Set a Timeout > 30 Days! <a href="#never-set-a-timeout--30-days" id="never-set-a-timeout--30-days"></a>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Ako pokušate da “set” ili “add” ključ sa vremenskim ograničenjem većim od dozvoljenog maksimuma, možda nećete dobiti ono što očekujete jer memcached tada tretira vrednost kao Unix vremensku oznaku. Takođe, ako je vremenska oznaka u prošlosti, neće učiniti ništa. Vaša komanda će tiho propasti.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Dakle, ako želite da koristite maksimalni vek, navedite 2592000. Primer:`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00			```
			`set my_key 0 2592000 1`
			`1`
			```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Disappearing Keys on Overflow <a href="#disappearing-keys-on-overflow" id="disappearing-keys-on-overflow"></a>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`Iako dokumentacija kaže nešto o prebacivanju oko 64bit prelivanja vrednosti koristeći “incr”, to uzrokuje da vrednost nestane. Potrebno je ponovo je kreirati koristeći “add”/”set”.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Replication <a href="#replication" id="replication"></a>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`memcached sam ne podržava replikaciju. Ako vam je zaista potrebna, morate koristiti rešenja trećih strana:`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`* [repcached](http://repcached.lab.klab.org/): Multi-master async replikacija (memcached 1.2 patch set)`
			`* [Couchbase memcached interface](http://www.couchbase.com/memcached): Koristite CouchBase kao memcached drop-in`
			`* [yrmcds](https://cybozu.github.io/yrmcds/): memcached kompatibilan Master-Slave key value store`
			`* [twemproxy](https://github.com/twitter/twemproxy) (aka nutcracker): proxy sa memcached podrškom`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`### Commands Cheat-Sheet`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
			`{% content-ref url="memcache-commands.md" %}`
			`[memcache-commands.md](memcache-commands.md)`
			`{% endcontent-ref %}`

			`### Shodan`

			* `port:11211 "STAT pid"`
			* `"STAT pid"`

Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`## References`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
			`* [https://lzone.de/cheat-sheet/memcached](https://lzone.de/cheat-sheet/memcached)`

Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`<details>`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`<summary>Support HackTricks</summary>`
arte 2024-02-03 01:15:34 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
GITBOOK-3783: No subject 2023-02-16 13:29:30 +00:00
			`</details>`
Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:15:49 +00:00			`{% endhint %}`