Metadata-Version: 2.4
Name: ptelastic
Version: 0.0.21
Summary: Tool for testing Elasticsearch vulnerabilities and misconfigurations.
Home-page: https://www.penterep.com/
Author: Penterep
Author-email: info@penterep.com
License: GPLv3
Project-URL: homepage, https://www.penterep.com/
Project-URL: repository, https://github.com/penterep/ptelastic
Project-URL: tracker, https://github.com/penterep/ptelastic/issues
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Environment :: Console
Classifier: Topic :: Security
Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Requires-Python: >=3.12
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: ptlibs<2,>=1.0.32
Requires-Dist: packaging
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: license
Dynamic: license-file
Dynamic: project-url
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

[![penterepTools](https://www.penterep.com/external/penterepToolsLogo.png)](https://www.penterep.com/)


## PTELASTIC

Security testing tool for identifying, fingerprinting, and exploiting vulnerabilities in Elasticsearch instances.  
The tool:
- Identifies whether or not Elasticsearch is running on a host
- Identifies whether it is running on HTTP or HTTPS
- Identifies whether or not it has authentication enabled
- Enumerates:
   - Elasticsearch version
   - Modules, their version and description
   - Installed plugins and their version
   - Users, their roles and privileges
- Tests for the following CVEs:
   - CVE-2015-5531
   - CVE-2015-1427
   - CVE-2014-3120
   - CVE-2015-3337
   - any other CVE the host might be vulnerable to
- Dumps:
   - Structure of indices
   - Data from indices

## Installation

```
pip install ptelastic
```

## Adding to PATH
If you're unable to invoke the script from your terminal, it's likely because it's not included in your PATH. You can resolve this issue by executing the following commands, depending on the shell you're using:

For Bash Users
```bash
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.bashrc
source ~/.bashrc
```

For ZSH Users
```bash
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.zshrc
source ~/.zshrc
```

## Usage examples
```
ptelastic -u https://www.example.com/
```

## Options
```
   -u   --url                              <url>                             Connect to URL
   -ts  --tests                            <test>                            Specify one or more tests to perform:
                                            AUTH                             Elasticsearch authentication test
                                            CVE-2014-3120                    Elasticsearch CVE-2014-3120 test
                                            CVE-2015-1427                    Elasticsearch CVE-2015-1427 test
                                            CVE-2015-3337                    Elasticsearch CVE-2015-3337 test
                                            CVE-2015-5531                    Elasticsearch CVE-2015-5531 test
                                            CVE-LOOKUP                       Elasticsearch CVE lookup
                                            DATA_DUMP                        Elasticsearch data dump module
                                            HTTPS                            Elasticsearch HTTP/S test
                                            IS_ELASTIC                       Elasticsearch availability test
                                            STRUCTURE_DUMP                   Elasticsearch data structure test
                                            SW                               Elasticsearch software test
                                            USERS                            Elasticsearch user enumeration
                                                                               
   -p   --proxy                            <proxy>                           Set proxy (e.g. http://127.0.0.1:8080)
   -T   --timeout                          <miliseconds>                     Set timeout (default 10)
   -t   --threads                          <threads>                         Set thread count (default 10)
   -c   --cookie                           <cookie>                          Set cookie
   -a   --user-agent                       <a>                               Set User-Agent header
   -H   --headers                          <header:value>                    Set custom header(s)
   -r   --redirects                                                          Follow redirects (default False)
   -vv  --verbose                                                            Enable verbose mode
   -v   --version                                                            Show script version and exit
   -h   --help                                                               Show this help message and exit
   -j   --json                                                               Output in JSON format
   -U   --user                                                               Set user to authenticate as
   -P   --password                                                           Set password to authenticate with
   -F   --file                             </path/to/file>                   File to read if host is vulnerable to CVE-2015-5531 (default /etc/passwd)
   -di  --dump-index<index1, index2, ...>  Specify index to dump with data_dump module
   -df  --dump-field                       <field1,field2, field3.subfield>  Specify fields to dump with data_dump module
   -o   --output                           <filename>                        Specify the name of the file to store structure/data dump to
   -b   --built-in                                                           Enumerate/dump built-in Elasticsearch indexes
```

## Dependencies
```
ptlibs>=1.0.32
packaging
requests
```

## License

Copyright (c) 2025 Penterep Security s.r.o.

ptelastic is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

ptelastic is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with ptelastic. If not, see https://www.gnu.org/licenses/.

## Warning

You are only allowed to run the tool against the websites which
you have been given permission to pentest. We do not accept any
responsibility for any damage/harm that this application causes to your
computer, or your network. Penterep is not responsible for any illegal
or malicious use of this code. Be Ethical!





