Nmap Development mailing list archives

Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search

From: Gyanendra Mishra <anomaly.the () gmail com>
Date: Fri, 13 Mar 2015 16:49:39 +0530

Hi Dan,

1. I added the 'brutal' argument. If there are no indices it creates one.
Or else the script returns nil on finding no indices. Issue : The script
has to be run once more to get results. The put request returns 201 as
expected but when I check if something got added it returns false.
Rerunning the script gives correct results.

2. Mistake on my part. I corrected it.

3. I removed the fail function and added a return nil and a debug statement
saying 'Could not be parsed'.

4. I created a table  which is used to generate the json via the
json.generate() method. Escaping the JSON payload using url.escape doesn't
work. It leads to no result.

5. I added the result to the exploit_results field.

The script is working well now. Just the issue mentioned in point 1
remains.

Gyanendra

Attachment: http-vuln-cve2015-1427.nse
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Gyanendra Mishra (Mar 12)
- Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Daniel Miller (Mar 12)
  - Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Gyanendra Mishra (Mar 12)
    - Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Daniel Miller (Mar 12)
    - Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Gyanendra Mishra (Mar 13)
    - Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Daniel Miller (Mar 13)
    - Re: [NSE] http-vuln-cve2015-1427 Remote Code Execution in Elastic Search Gyanendra Mishra (Mar 14)