Elasticsearch 本身不提供任何用戶認證與授權方面的操作(甚至其中壓根沒有 “用戶” 的概念),此方面作業的責任被讓給了開發者與管理員,某些觀點看來,這并非功能缺失,而被視為一種設計理念(類似的Solr 產品也同樣如此,雖然它提供了更多的一些相關插件),將安全訪問控制留給了用戶,個中理由是"認證授權功能大都是與應用領域緊密耦合的" ,
另外,Elastic Co. 本身致力于圍繞 Elasticsearch 打造產品生態圈,這其中就包含了舊稱 Shield,現稱Security(已被包含在X-Pack產品包中)的軟體,不管是以前的 Shield,還是當今的Security,其目的都是為Elasticsearch提供安全訪問管理方案,它們都是閉源的商業軟體,
本文介紹了一種Crack X-Pack 的方法,為 elasticsearch 安全保駕護航,
Crack x-pack
下載 x-pack
Elasticsearch 6.3.x 之后的版本已經自帶了 x-pack 插件,無需單獨下載;
此版本之前的 Elasticsearch 需要單獨安裝版本號一致對應的 x-pack 插件,以 Elasticsearch-5.4.3 為例,需要安裝 x-pack-5.4.3 插件;
x-pack-5.4.3 的下載地址 https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-5.4.3.zip
無需解壓,直接以壓縮包安裝:
./elasticsearch-plugin install file:///home/weijie/elasticsearch-5.4.3-security/x-pack-5.4.3.zip
安裝完成后,重啟 elasticsearch,訪問 es 的 9200 埠,發現已經被 x-pack 保護起來了,需要登錄才能訪問.
默認用戶名:elastic
默認密碼:changeme
然 x-pack 是需要付費的,試用版 license 只有一個月:
curl -X GET -u elastic:changeme localhost:9200/_license
Crack x-pack
crack x-pack.jar
-
創建檔案 LicenseVerifier.java
內容如下:
package org.elasticsearch.license; import java.nio.*; import java.util.*; import java.security.*; import org.elasticsearch.common.xcontent.*; import org.apache.lucene.util.*; import org.elasticsearch.common.io.*; import java.io.*; public class LicenseVerifier { public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) { return true; } public static boolean verifyLicense(final License license) { return true; } } -
編譯 LicenseVerifier.java
javac -cp "/home/weijie/elasticsearch-5.4.3-security/elasticsearch-5.4.3/lib/elasticsearch-5.4.3.jar:/home/weijie/elasticsearch-5.4.3-security/elasticsearch-5.4.3/lib/lucene-core-6.5.1.jar:/home/weijie/elasticsearch-5.4.3-security/elasticsearch-5.4.3/plugins/x-pack/x-pack-5.4.3.jar" LicenseVerifier.java得到
LicenseVerifier.class -
替換 LicenseVerifier.class
替換
LicenseVerifier.class到plugins/x-pack/x-pack-5.4.3.jar,此處切忌使用 windows 系統的壓縮軟體做 class 檔案替換! -
新建臨時檔案夾 temp
mkdir temp -
將 /plugins/x-pack/x-pack-5.4.3.jar 移動到 temp 檔案夾
mv elasticsearch-5.4.3/plugins/x-pack/x-pack-5.4.3.jar temp/cd temp -
解開 x-pack-5.4.3.jar
jar -xvf x-pack-5.4.3.jarrm -rf x-pack-5.4.3.jar -
洗掉原 LicenseVerifier.class 檔案,將新編譯的 LicenseVerifier.class 拷貝到該位置
rm -rf org/elasticsearch/license/LicenseVerifier.classcp ../LicenseVerifier.class org/elasticsearch/license/ -
重新打包
jar -cvf x-pack-5.4.3.jar ./* -
將新包 x-pack-5.4.3.jar 移動到 /plugins/x-pack/
mv x-pack-5.4.3.jar ../elasticsearch-5.4.3/plugins/x-pack/
更新 license
-
獲取 license
在此注冊 https://license.elastic.co/registration
根據收到的郵件前往下載 license,格式化后內容如下:
{ "license": { "uid": "b48c21d4-2b00-44fa-a456-dc40b0cdb649", "type": "basic", "issue_date_in_millis": 1592870400000, "expiry_date_in_millis": 1624492799999, "max_nodes": 100, "issued_to": "jack jie (tencent)", "issuer": "Web Form", "signature": "AAAAAwAAAA3b8VQtxztAV9mDLDSbAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCFcV581PDqxjAM9m5CJkzBVnBM71leWkrvLyeSf6vSpFuLK+LFc2QThP6utxLJOmNdvDk8mUiEOkSEAIPseH0KaXR2w3BJ60P37Ryq7txE1P2D4De9Iz04hf8wrbqZK5Go3r95b2rcKTTO9+iNrRr3X69U5MtZ8V1JjXFcUC0Ppq3ryg+oPN2kafWmkjgtUBqwpz5aeMZlk/I6dQpn4TY2OtIT5E2HUxqpycVyXAcyTIkkdeQGhtKOC64GbExRvNQrQ9Xbc+ZSv/ofvXkv8fQq7oj6koqBslOLmXRmn7os/fNWuM5QO3TrlLYdDcNcP2uI4xJxGgEOKVXZ0qh19OAX", "start_date_in_millis": 1592870400000 } } -
篡改 license
主要改動級別
type和過期時間expiry_date_in_millis兩處,將 type 改為platinum即白金版,過期時間你改為2050年,注意這個license.json 不要格式化,寫在一行就好,license.json
{"license":{"uid":"b48c21d4-2b00-44fa-a456-dc40b0cdb649","type":"platinum","issue_date_in_millis":1592870400000,"expiry_date_in_millis":2524579200999,"max_nodes":100,"issued_to":"jack jie (tencent)","issuer":"Web Form","signature":"AAAAAwAAAA3b8VQtxztAV9mDLDSbAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCFcV581PDqxjAM9m5CJkzBVnBM71leWkrvLyeSf6vSpFuLK+LFc2QThP6utxLJOmNdvDk8mUiEOkSEAIPseH0KaXR2w3BJ60P37Ryq7txE1P2D4De9Iz04hf8wrbqZK5Go3r95b2rcKTTO9+iNrRr3X69U5MtZ8V1JjXFcUC0Ppq3ryg+oPN2kafWmkjgtUBqwpz5aeMZlk/I6dQpn4TY2OtIT5E2HUxqpycVyXAcyTIkkdeQGhtKOC64GbExRvNQrQ9Xbc+ZSv/ofvXkv8fQq7oj6koqBslOLmXRmn7os/fNWuM5QO3TrlLYdDcNcP2uI4xJxGgEOKVXZ0qh19OAX","start_date_in_millis":1592870400000}} -
更新 license
curl -u elastic:changeme -X PUT http://localhost:9200/_xpack/license -d @license.json -
再查看 license
curl -u elastic:changeme -X GET http://localhost:9200/_license
到此,x-pack 的crack作業就完成了,我們嘗試將 elastic 用戶的密碼改為 datainsight:
curl -u elastic:changeme -X PUT http://localhost:9200/_xpack/security/user/elastic/_password -H 'Contentpe: application/json' -d '{"password" : "datainsight"}'
使用 x-pack 創建安全 client
首先在 pom.xml 中引入 x-pack-transport 依賴,版本號與 elasticsearch 一致:
pom.xml
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-to-slf4j</artifactId>
<version>2.7</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.12</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>5.4.3</version>
</dependency>
<!-- add the x-pack jar as a dependency -->
<dependency>
<groupId>org.elasticsearch.client</groupId>
<artifactId>x-pack-transport</artifactId>
<version>5.4.3</version>
</dependency>
</dependencies>
創建安全的 TransportClient 需要對代碼做出如下調整:
一定要使用 PreBuiltXPackTransportClient 而不是 PreBuiltTransportClient 創建 client,因為 PreBuiltXPackTransportClient 的 settings 中才包含 xpack.security.user 屬性,
完整示例代碼:
EsClient.java
package test.xpacktest;
import java.net.InetSocketAddress;
import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.xpack.client.PreBuiltXPackTransportClient;
public class EsClient {
private static final String CLUSTER_NAME = "cluster.name";
private static final String XPACK_SECURITY_USER = "xpack.security.user";
private static EsClient instance = null;
private TransportClient transportClient = null;
private String clusterName = "datainsight_cluster";
private String xPackSecurityUser = "elastic:datainsight";
private String esAddress = "192.168.205.132:9300";
private EsClient() {
}
@SuppressWarnings("unchecked")
private boolean init() {
try {
Settings settings = Settings.builder()
.put(CLUSTER_NAME, clusterName)
.put(XPACK_SECURITY_USER, xPackSecurityUser)
.build();
transportClient = new PreBuiltXPackTransportClient(settings);
String[] esAddressArr = esAddress.split(",");
for (String addr : esAddressArr) {
String[] ipAndPort = addr.split(":");
transportClient.addTransportAddress(new InetSocketTransportAddress(
new InetSocketAddress(ipAndPort[0],
Integer.valueOf(ipAndPort[1]))));
}
} catch (Exception e) {
return false;
}
return true;
}
public static EsClient getInstance() {
if (instance == null) {
instance = new EsClient();
if (!instance.init()) {
instance = null;
}
}
return instance;
}
public TransportClient getClient() {
return transportClient;
}
}
App.java
package test.xpacktest;
import org.elasticsearch.action.admin.cluster.state.ClusterStateResponse;
import org.elasticsearch.client.transport.TransportClient;
public class App {
public static void main( String[] args ) {
TransportClient client = EsClient.getInstance().getClient();
ClusterStateResponse response = client
.admin()
.cluster()
.prepareState()
.execute()
.actionGet();
System.out.println(response.getState());
}
}
最后,如果您根據本文的步驟順利 crack,歡迎您點贊支持, 感激不盡,如果您在哪個步驟遇到了問題,也歡迎您留言,我會補充完善,同樣感激不盡!
參考文獻
[1] ES X-Pack 5.4.3 Crack
[2] x-pack安裝
[3] elasticsearch之x-pack crack
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/218553.html
標籤:其他