How to do it...

The following steps demonstrate the exploitation of Elasticsearch:

  1. The default port is 9200 for Elasticsearch. We start the Metasploit console:
  1. We search for the Elasticsearch exploit using this command:
       search elasticsearch

The following screenshot shows the output for the preceding command:

  1. We choose the exploit in this case:
        use exploit/multi/elasticsearch/search_groovy_script

The following screenshot shows the output for the preceding command:

  1. We set RHOST using the set RHOST x.x.x.x command:
  1. We run the following ...

Get Kali Linux - An Ethical Hacker's Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.