Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-1427 PoC — Elasticsearch Groovy Scripting Engine Sandbox 安全绕过漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E6%95%B0%E6%8D%AE%E5%BA%93%E6%BC%8F%E6%B4%9E/ElasticSearch%20Groovy%20%E6%B2%99%E7%9B%92%E7%BB%95%E8%BF%87%20&%20%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2015-1427.md
Associated Vulnerability
Title:Elasticsearch Groovy Scripting Engine Sandbox 安全绕过漏洞 (CVE-2015-1427)
Description:Elasticsearch是荷兰Elasticsearch公司的一套基于Lucene构建的开源分布式RESTful搜索引擎,它主要用于云计算中,并支持通过HTTP使用JSON进行数据索引。 Elasticsearch 1.37及之前版本和1.4.3之前1.4.x版本的Groovy脚本引擎中存在安全漏洞。远程攻击者可借助特制的脚本利用该漏洞绕过沙箱保护机制,执行任意shell命令。
File Snapshot

 # ElasticSearch Groovy 沙盒绕过 & 代码执行漏洞 CVE-2015-1427

## 漏洞描述

CVE-2014-3120后,ElasticSearch默认的动态脚本语言换成

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.