Will Dx

人世一身霜雪, 归来仍是少年.

elasticsearch破解与升级

Posted April 07, 2017

1. elasticsearch破解

声明:本文仅作为学习交流,请勿用于商业用途,否则后果自负。 文章来源

1.1 ES软件下载

软件下载页面

1.2 准备工作

  • 确保Java是1.8版本
Python
# 目录 
    /Users/willdx/elk_stack
# 软件
    elasticsearch-5.5.0.zip
    kibana-5.5.0-darwin-x86_64.tar.gz
    x-pack-5.5.0.zip
    
# 解压后的目录结构
  ~ tree -L 1 elk_stack
elk_stack
├── LicenseVerifier.java   # 后续待替换文件
├── dai-xiang-174d190e-429d-4452-abd7-3e081d5a4abd-v5.json  # 后续申请的 license
├── elasticsearch-5.5.0 
├── kibana-5.5.0-darwin-x86_64
├── packages # 将下载的压缩包都放到这个目录存档
└── x-pack-5.5.0.jar # 破解后的 x-park 关键文件

1.3 安装X-Pack

1.3.1 Elasticsearch安装X-Pack

Python
cd /Users/willdx/elk_stack/elasticsearch-5.5.0
bin/elasticsearch-plugin install file:///Users/willdx/elk_stack/packages/x-pack-5.5.0.zip

1.3.2 Kibana安装X-Pack

Python
cd /Users/willdx/elk_stack/kibana-5.5.0-darwin-x86_64
bin/kibana-plugin install file:///Users/willdx/elk_stack/packages/x-pack-5.5.0.zip

1.3.3 启动服务,并查看 license 信息

  • 启动服务
Python
# kibana
cd /Users/willdx/elk_stack/kibana-5.5.0-darwin-x86_64
bin/kibana

# elasticsearch
cd /Users/willdx/elk_stack/elasticsearch-5.5.0
bin/elasticsearch -d # -d表示后台运行
  • 验证 elasticsearch正常运行

  • 登陆 kibana

浏览器访问:http://localhost:5601/

注释: X-pack默认账户名/密码: elastic/changeme

#登陆页面

1.3.4 正式破解过程

  • 创建文件, LicenseVerifier.java, 需编译此文件后替换x-pack的jar包中的对应文件
Python
package org.elasticsearch.license;

import java.nio.*;
import java.util.*;
import java.security.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.common.io.*;
import java.io.*;

public class LicenseVerifier
{
    public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) {
        return true;
    }

    public static boolean verifyLicense(final License license) {
        return true;
    }
}
  • 编译生成class文件
Python
javac -cp "/Users/willdx/elk_stack/elasticsearch-5.5.0/lib/elasticsearch-5.5.0.jar:/Users/willdx/elk_stack/elasticsearch-5.5.0/lib/lucene-core-6.6.0.jar:/Users/willdx/elk_stack/elasticsearch-5.5.0/plugins/x-pack/x-pack-5.5.0.jar" LicenseVerifier.java

更新license

  • 替换 x-pack 中对应文件
Python
cd /Users/willdx/elk_stack/elasticsearch-5.5.0/plugins/x-pack/
mkdir test
cd test
cp /Users/willdx/elk_stack/packages/x-pack-5.5.0.zip .

# 解包
unzip x-pack-5.5.0.zip
cp elasticsearch/x-pack-5.5.0.jar .
jar xvf x-pack-5.5.0.jar
rm x-pack-5.5.0.jar

# 替换
cd org/elasticsearch/license
rm -f LicenseVerifier.class
mv /Users/willdx/elk_stack/LicenseVerifier.class .

# 重新打包
cd /Users/willdx/elk_stack/elasticsearch-5.5.0/plugins/x-pack/test
jar cvf x-pack-5.5.0.jar .
cp x-pack-5.5.0.jar ../
  • 申请license

#已破解后的过期时间

点击上图框选部分, 得到下图:(按照官方文档进行查询和更新 license)

#申请 license

  • 修改license文件
Python
# vim dai-xiang-174d190e-429d-4452-abd7-3e081d5a4abd-v5.json
{license:{uid:174d190e-429d-4452-abd7-3e081d5a4abd,type:platinum,issue_date_               in_millis:1500940800000,expiry_date_in_millis:9532563199999,max_nodes:100,issued_          to:dai xiang (xingzhe),issuer:Web Form,signature:AAAAAwAAAA1XWQCMgFaiOyQkTQL2              BmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXN    PbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteW    FNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFO    HhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJ    Ukk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGV    ySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NT    ltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQAq3BbqmitjNvcS7t11JZWEcpO2IN50Jge5tY+WXiS3LY/jFQirCCrKl    unW+XHecdc/Po6WrEY6F5++nZtuUqaYPLGKq+wWUwSTM24OULtuW5OnNTGfYhPVS/OSNnHcbA/5N5mwO8RPjqkl    dilEVuSxy2sSu+da4oj3AJKQojy+ZeNvL2I41tChTwUM6TpHSTgdlVa5bUW5/A9k9tnMqiwmNQnJC1I2CcjgZRT    B+BTjs7tfMZ+cnVTy3nvZurrUPP2uLaGzzOtrvKa76qpwQD2JZtogljSE+Zc2wkfkqvgEvTlVw+AjDaNQfdLxrO    JGzUadwLUcjhWR2mOD6hIfXe7O,start_date_in_millis:1500940800000}}
  • 更新 license
Python
curl -XPUT -u elastic 'http://127.0.0.1:9200/_xpack/license?acknowledge=true' -H "Content-Type: application/json" -d @dai-xiang-174d190e-429d-4452-abd7-3e081d5a4abd-v5.json

curl -XGET -u elastic:changeme 'http://127.0.0.1:9200/_xpack/license'
{
  "license" : {
    "status" : "active",
    "uid" : "174d190e-429d-4452-abd7-3e081d5a4abd",
    "type" : "platinum", # 铂金级别账号认证
    "issue_date" : "2017-07-25T00:00:00.000Z",
    "issue_date_in_millis" : 1500940800000,
    "expiry_date" : "2272-01-28T14:13:19.999Z",
    "expiry_date_in_millis" : 9532563199999,
    "max_nodes" : 100,
    "issued_to" : "dai xiang (xxxx)",
    "issuer" : "Web Form",
    "start_date_in_millis" : 1500940800000
  }
}

1.3.5 最终结果

可以看到多出来了几项: 机器学习, Graph, Monitor 功能

可以看到管理功能也丰富了很多:

Raw
Security 部分有用户和角色登陆;
Elasticsearch 部分可以进行一些参数的监控, 记录相应日志; 
Kibana 部分新增加了 Reporting

2. elasticsearch升级

可以参考文档