Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-3120 PoC — Elasticsearch 安全漏洞

Source
https://github.com/jeffgeiger/es_inject
Associated Vulnerability
Title:Elasticsearch 安全漏洞 (CVE-2014-3120)
Description:The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. NOTE: this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.
Description
Demonstration of CVE-2014-3120
Readme
##CVE-2014-3120 Elastic Search Remote Code Execution

This project demonstrates the CVE-2014-3120 vulnerability/misconfiguration.  It allows you to read from and append to files on the system hosting ES, provided the user running ES has access to them.

###Notes

This does not require a web server.  Save it locally and run it from a browser.

Discovery and vuln publishing credit goes to: @BvdBijl - http://bouk.co/blog/elasticsearch-rce/

![image](screen.png)
File Snapshot

 [4.0K]  /data/pocs/153bc4802c65ca6455975c542eae9855603731b6
├── [5.4K]  es_inject.html
├── [ 462]  README.md
└── [ 63K]  screen.png

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →