Elasticsearch7.6.1 破解
教程参考:https://blog.espnlol.com/?p=504
破解过程
前期准备
-
准备反编译工具
破解中要用户反编译工具 luyten,根据自动环境下载相应的版本
https://github.com/deathmarine/Luyten/releases
最新版本的osx 版本不适用 macos 10.15版本以上的系统,可以使用jar 包
jar -jar luyten-0.5.4.jar
-
需要破解x-pack文件
找到x-pack文件
modules/x-pack-core/x-pack-core-7.6.1.jar
注:如果是rpm安装的,modules目录位于/usr/share/elasticsearch
下,如果下载的二进制包,就在你解压出来的目录里
破解文件
修改文件
- 使用luyten打开x-pack-core-7.6.1.jar,将
org.elasticsearch.license.LicenseVerifier
和org.elasticsearch.xpack.core.XPackBuild
两个源码文件提取出来(找到相应目录,另存为就可以了,文件名分别为LicenseVerifier.java
,XPackBuild.java
),进行编辑,文件内容分别如下(其实就是把认证部分去掉了)
- LicenseVerifier.java
package org.elasticsearch.license;
import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;
public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
return true;
}
public static boolean verifyLicense(final License license) {
return true;
}
}
- XPackBuild.java
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
- 将上面的两个源码文件编译成class文件
# 编译LicenseVerifier.java
/data/elasticsearch-7.6.1/jdk/bin/javac -cp "/data/elasticsearch-7.6.1/lib/*:/data/elasticsearch-7.6.1/modules/x-pack-core/*" /root/x-pack-pojie/LicenseVerifier.java
# 编译XPackBuild.java
/data/elasticsearch-7.6.1/jdk/bin/javac -cp "/data/elasticsearch-7.6.1/lib/*:/data/elasticsearch-7.6.1/modules/x-pack-core/*" /root/x-pack-pojie/XPackBuild.java
- 替换
x-pack-core-7.6.1.jar
里的LicenseVerifier.class和XPackBuild.class并生成新jar包
cp /data/elasticsearch-7.6.1/modules/x-pack-core/x-pack-core-7.6.1.jar /root/x-pack-pojie/
cd /root/x-pack-pojie/
jar -xvf x-pack-core-7.6.1.jar
# 替换.class文件
cp XPackBuild.class /root/x-pack-pojie/org/elasticsearch/xpack/core/
cp LicenseVerifier.class /root/x-pack-pojie/org/elasticsearch/license/
# 打包成jar
jar -cvf x-pack-core-7.6.1.jar ./*
#替换生成jar包
cp x-pack-core-7.6.1.jar /data/elasticsearch-7.6.1/modules/x-pack-core/
申请License
elastic官网申请一个license, License申请地址,申请完成后,下载下来的License格式为json格式。并将该License的type
、expiry_date_in_millis
、max_nodes
分别修改成platinum
、4754098931000
、9999
。如下:
{"license":
{
"uid":"2f544f9a-3cac-43e2-b7c0-180b175b3db3",
"type":"platinum",
"issue_date_in_millis":1598250909777,
"expiry_date_in_millis":4754007973000,
"max_nodes":9999,
"issued_to":"work",
"issuer":"Web Form",
"signature":"AAAAAwAAAA3fIq7NLN3Blk2olVjbAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCjNd8mwy8B1sm9rGrgTmN2Gjm/lxqfnTEpTc+HOEmAgwQ7Q1Ye/FSGVNIU/enZ5cqSzWS2mY8oZ7FM/7UPKVQ4hkarWn2qye964MW+cux54h7dqxlSB19fG0ZJOJZxxwVxxi8iyJPUSQBa+QN8m7TFkK2kVmP+HnhU7mGUrqXt3zTk5d3pZw3QBQ/Rr3wmSYC5pxV6/o2UHFgu1OPDcX+kEb+UZtMrVNneR+cEwyx7o5Bg3rbKC014T+lMtt69Y080JDI5KfHa7e9Ul0c3rozIL975fP45dU175D4PKZy98cvHJgtsCJF3K8XUZKo2lOcbsWzhK2mZ5kFp0BMXF3Hs",
"start_date_in_millis":1598250909777
}
}
设置elasticsearch 密码
如果不是新安装的 es,这一步略过
- 修改
/etc/elasticsearch/elasticsearch.yml
,加到最后一句
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
- 重启elasticsearch shell
systemctl restart elasticsearch
- 提前设定es等组件的密码
这里我的用户和密码为 elastic/elastic
/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
导入license.json
先把配置文件里的刚才配置选项(xpack.security.enabled
)值改为false
curl -XPUT -u elastic:elastic 'http://192.168.112.231:9200/_xpack/license' -H "Content-Type: application/json" -d @license.json
返回如下结果表示导入成功
{"acknowledged":true,"license_status":"valid"}
开启安全配置选项
-
将
xpack.security.enabled
改为true
-
重启es
systemctl restart elasticsearch
查看License
curl -XGET -u elastic:elastic http://192.168.112.86:9200/_license
返回结果,注意下 expiry_date
字段
{
"license" : {
"status" : "active",
"uid" : "2f544f9a-3cac-43e2-b7c0-180b175b3db3",
"type" : "platinum",
"issue_date" : "2020-08-24T06:35:09.777Z",
"issue_date_in_millis" : 1598250909777,
"expiry_date" : "2120-08-25T05:46:13.000Z",
"expiry_date_in_millis" : 4754007973000,
"max_nodes" : 9999,
"issued_to" : "work",
"issuer" : "Web Form",
"start_date_in_millis" : 1598250909777
}
}