Redis Cache Poisoner

💉 Can you inject Redis commands through their note caching system?

Challenge 07 Jan 2026 Pro Exclusive Solution (Pro)

A note caching API constructs Redis commands using string concatenation, creating opportunities for CRLF injection attacks. When user input meets insufficient sanitization, even simple note storage can become a pathway to Redis command injection and session manipulation. 🎯 Time to test your protocol injection skills!

Flags

Points

50%

Success Rate

Start Your Challenge

~1-2 min setup

Dedicated server

Private instance

Industry standard

Learn From the Community

Discover different approaches and techniques from hackers who completed this lab.

All writeups Solutions Unlimited hints Archived labs

Unlock with Pro

Ready to hack this lab?

Create a free account to start your own dedicated server, submit flags, and earn points on the leaderboard.

Start Hacking Free

Redis Cache Poisoner

Challenge 5 points

Writeup Guidelines

Share your solution approach, methodology, and insights. Your writeup will be reviewed before being published to the community. Earn +5 bonus points when your writeup is approved!

Requirements:

No flag content: Do not reveal actual flag values or passwords in your writeup
Include lab link: Your writeup must contain a direct link to this lab for reference
Educational focus: Explain your methodology, tools used, and learning insights

Writeup URL *

Link to your blog post, GitHub repository, or any platform where you've published your writeup
Remember to include this lab's URL in your writeup: https://hackerdna.com/labs/redis-cache-poisoner

Language *

Help others find writeups in their preferred language

Confirmation Required

I confirm that my writeup includes a direct link to this lab

Your writeup must reference this lab's URL: https://hackerdna.com/labs/redis-cache-poisoner

I confirm that my writeup does NOT contain flag content or critical information

Do not include actual flags, passwords, or other sensitive information that would spoil the challenge

Join 5,000+ hackers learning cybersecurity with hands-on labs. Create Account