Remote exploit for ElasticSearch version 1.1.1 that attempts to read /etc/hosts and /etc/passwd.
9f77dafb99af40f2c2d5742a9434d5f9d672d2a7b83bbada56a2713e609f8b41
This Metasploit module exploits a remote command execution vulnerability in ElasticSearch that is exploitable by default on versions prior to 1.2.0. The bug is in the REST API, which requires no authentication or authorization: the search function allows dynamic script execution, which remote attackers can use to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.1.1 on Ubuntu Server 12.04 and Windows XP SP3.
c25b90194192ece4e2507d09180295dea5fba7ac37136f5c31b76e2291ebeeb2