CVE-2015-1427

This Metasploit module exploits CVE-2015-1427, a remote command execution vulnerability in ElasticSearch prior to 1.4.3. It bypasses the Groovy sandbox via Java class reflection to execute arbitrary code, leveraging the REST API without authentication.

This exploit leverages CVE-2015-1427, a remote code execution vulnerability in ElasticSearch, by sending a crafted JSON payload to execute arbitrary commands via Java's Runtime.exec(). The script provides a semi-interactive shell for command execution.

This repository contains a functional exploit for CVE-2015-1427, targeting Elasticsearch versions 1.4.0 to 1.4.2. The exploit leverages a Groovy sandbox bypass via the REST API to achieve remote code execution (RCE) without authentication.

The provided script is a minimal setup script for Elasticsearch, lacking any exploit code or vulnerability demonstration for CVE-2015-1427. It merely starts Elasticsearch and tails its log file.

This is a functional exploit for CVE-2015-1427, an Elasticsearch remote code execution vulnerability via Groovy scripting. It sends a crafted POST request to execute arbitrary commands on the target system.

This repository contains a Docker-based PoC for CVE-2015-1427, an Elasticsearch Groovy scripting vulnerability. The script sets up a vulnerable Elasticsearch instance and demonstrates the exploit by sending a malicious request.

This repository provides a proof-of-concept for CVE-2015-1427, a Groovy sandbox bypass and remote code execution vulnerability in ElasticSearch. It includes two methods for exploiting the vulnerability: Java reflection to bypass the sandbox and direct Groovy command execution.

This Metasploit module exploits CVE-2015-1427, a remote command execution vulnerability in ElasticSearch prior to 1.4.3. It bypasses the Groovy sandbox via Java class reflection to execute arbitrary code.