what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
ElasticSearch Search Groovy Sandbox Bypass https://packetstormsecurity.com/files/130799/search_groovy_script.rb.txt https://packetstormsecurity.com/files/130799/search_groovy_script.rb.txt https://packetstormsecurity.com/files/130799/ElasticSearch-Search-Groovy-Sandbox-Bypass.html Thu, 12 Mar 2015 16:52:01 GMT This Metasploit module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.4.3. The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox can be bypassed using java.lang.Math.class.forName to reference arbitrary classes. It can be used to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.4.2 on Ubuntu Server 12.04.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close