CVE-2018-17246 PoC — Elasticsearch Kibana Console插件安全漏洞

Source

https://github.com/Almandev/Sub-folderFetcher

Associated Vulnerability

Title:Elasticsearch Kibana Console插件安全漏洞 (CVE-2018-17246)
Description:Elasticsearch Kibana（前称elasticsearch-dashboard）是荷兰Elasticsearch公司的一套开源的、基于浏览器的分析和搜索Elasticsearch仪表板工具。Console是其中的一个控制台插件。 Elasticsearch Kibana 6.4.3之前版本和5.6.13之前版本中的Console插件存在安全漏洞。攻击者可通过发送请求利用该漏洞在主机操作系统上以Kibana进程权限执行任意命令。

Description

A script to download specific Vulhub repository folder (kibana/CVE-2018-17246) from GitHub.

Readme

# Sub-folder Fetcher 🐣

A script to download specific Vulhub repository folder (kibana/CVE-2018-17246) from GitHub.

## 🚀 Requirements

- `curl`
- `unzip`

## 🛠️ Usage


```bash
chmod +x subfetcher.sh
./subfetcher.sh
```

File Snapshot


 [4.0K]  /data/pocs/288af9b8e08f10c87f418dd2aec7cfa27923eee0
├── [ 232]  README.md
└── [1.3K]  subfetcher.sh

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!