PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-17 13:09:02 +00:00
Code Issues Projects Releases Wiki Activity

fixed doccumentation

Browse Source
This commit is contained in:
gyani
2015-05-21 15:42:58 +00:00
parent 6a4c2ab7e5
commit e60b65b016
1 changed files with 11 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
scripts/http-vuln-cve2015-1427.nse
View File

@@ -8,19 +8,21 @@ local base64 = require "base64"
local nmap = require "nmap" local nmap = require "nmap"
description = [[ description = [[
A simple script based on the exploit mentioned here :  This script attempts to detect a vulnerability, CVE-2015-1427, which allows attackers
http://carnal0wnage.attackresearch.com/2015/03/elasticsearch-cve-2015-1427-rce-exploit.html to leverage features of this API to gain unauthenticated remote code execution (RCE).
The vulnerability allows an attacker to construct Groovy scripts that escape the sandbox and
execute shell commands as the user running the Elasticsearch Java VM. Elasticsearch versions 1.3.0-1.3.7 and 1.4.0-1.4.2 have a vulnerability in the Groovy scripting engine.
]] The vulnerability allows an attacker to construct Groovy scripts that escape the sandbox and execute shell
commands as the user running the Elasticsearch Java VM.
]]
--- ---
-- @args command enter the shell command to be executed -- @args command Enter the shell comannd to be executed. The script outputs the Java
-- tries to fetch the os details by default -- and Elasticsearch versions by default.
-- @args invasive if set to true then creates an index incase one is not present. -- @args invasive If set to true then it creates an index if there are no indices.
-- --
-- @usage -- @usage
-- nmap --script=http-vuln-cve2015-1427 --script-args command=' ls' <targets> -- nmap --script=http-vuln-cve2015-1427 --script-args command= 'ls' <targets>
-- --
--@output --@output
-- | http-vuln-cve2015-1427: -- | http-vuln-cve2015-1427: