CVE-2014-3120 PoC — Elasticsearch 安全漏洞

Source

Associated Vulnerability

Title:Elasticsearch 安全漏洞 (CVE-2014-3120)
Description:Elasticsearch是荷兰Elasticsearch公司的一套基于Lucene构建的开源分布式RESTful搜索引擎，它主要用于云计算中，并支持通过HTTP使用JSON进行数据索引。 Elasticsearch 1.2之前版本中存在安全漏洞，该漏洞源于程序在默认配置下允许使用动态脚本。远程攻击者可利用该漏洞借助‘source’参数执行任意的MVEL表达式和Java代码。

Description

Demonstration of CVE-2014-3120

Readme

##CVE-2014-3120 Elastic Search Remote Code Execution

This project demonstrates the CVE-2014-3120 vulnerability/misconfiguration.  It allows you to read from and append to files on the system hosting ES, provided the user running ES has access to them.

###Notes

This does not require a web server.  Save it locally and run it from a browser.

Discovery and vuln publishing credit goes to: @BvdBijl - http://bouk.co/blog/elasticsearch-rce/

![image](screen.png)

File Snapshot


 [4.0K]  /data/pocs/153bc4802c65ca6455975c542eae9855603731b6
├── [5.4K]  es_inject.html
├── [ 462]  README.md
└── [ 63K]  screen.png

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!