If you know the redis channel name, you can do arbitrary command injection with wikibugs. We reported this upstream (https://github.com/gawel/irc3/issues/34) but never actually updated our copy of irc3, oops. Upgrading might also fix the SSL/TLS issue on Libera.
We're going to fix this after we've finished exploiting it to register channels that wikibugs is opped in.
Discovered by @valhallasw after I asked him to find a backdoor into wikibugs :-)
>>> import rqueue >>> r = rqueue.RedisQueue('<secret>', 'tools-redis') >>> r.put({'raw': True, 'msg': 'opperdepop\x00\r\nMODE #wikimedia-perf-bots +o legoktm\r\n', 'channels': ['#wikimedia-perf-bots']})