CVE-2014-3120 PoC — Elasticsearch 安全漏洞

Source

https://github.com/echohtp/ElasticSearch-CVE-2014-3120

Associated Vulnerability

Title:Elasticsearch 安全漏洞 (CVE-2014-3120)
Description:Elasticsearch是荷兰Elasticsearch公司的一套基于Lucene构建的开源分布式RESTful搜索引擎，它主要用于云计算中，并支持通过HTTP使用JSON进行数据索引。 Elasticsearch 1.2之前版本中存在安全漏洞，该漏洞源于程序在默认配置下允许使用动态脚本。远程攻击者可利用该漏洞借助‘source’参数执行任意的MVEL表达式和Java代码。

Description

POC Code to exploite CVE-2014-3120

Readme

ElasticSearch search Remote Code Execution (CVE-2014-3120)
===========================

POC Code to exploit CVE-2014-3120

Requirements: python

Usage: python elastic_check.py <file in host:port format>

Example:
```
➜ ~$ python elastic_check.py hostport.txt
0	10.0.0.10:9200	Vulnerable
1	10.0.0.11:9201	Not Vulnerable
2	10.0.0.12:9201	Connection error

Vulnerable hosts: 1
Not-vulnerable hosts: 1
Connection Errors: 1
```

hostport.txt:
```
10.0.0.10:9200
10.0.0.11:9201
10.0.0.12:9201
```

File Snapshot


 [4.0K]  /data/pocs/22f667f905ee90b793094d3cb89560ef25ae78a2
├── [2.1K]  elastic_check.py
├── [1.1K]  LICENSE
└── [ 493]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!