教程参考:https://blog.espnlol.com/?p=504

破解过程

前期准备

  • 准备反编译工具

    破解中要用户反编译工具 luyten,根据自动环境下载相应的版本

    https://github.com/deathmarine/Luyten/releases
    

    最新版本的osx 版本不适用 macos 10.15版本以上的系统,可以使用jar 包

    jar -jar luyten-0.5.4.jar
    
  • 需要破解x-pack文件

    找到x-pack文件modules/x-pack-core/x-pack-core-7.6.1.jar 注:如果是rpm安装的,modules目录位于/usr/share/elasticsearch下,如果下载的二进制包,就在你解压出来的目录里

破解文件

修改文件

  1. 使用luyten打开x-pack-core-7.6.1.jar,将org.elasticsearch.license.LicenseVerifierorg.elasticsearch.xpack.core.XPackBuild两个源码文件提取出来(找到相应目录,另存为就可以了,文件名分别为LicenseVerifier.java,XPackBuild.java),进行编辑,文件内容分别如下(其实就是把认证部分去掉了)
  • LicenseVerifier.java
package org.elasticsearch.license;
 
import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;
 
public class LicenseVerifier
{
    public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
        return true;
    }
    
    public static boolean verifyLicense(final License license) {
        return true;
    }
}
  • XPackBuild.java
package org.elasticsearch.xpack.core;

import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;

public class XPackBuild
{
    public static final XPackBuild CURRENT;
    private String shortHash;
    private String date;
    
    @SuppressForbidden(reason = "looks up path of xpack.jar directly")
    static Path getElasticsearchCodebase() {
        final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
        try {
            return PathUtils.get(url.toURI());
        }
        catch (URISyntaxException bogus) {
            throw new RuntimeException(bogus);
        }
    }
    
    XPackBuild(final String shortHash, final String date) {
        this.shortHash = shortHash;
        this.date = date;
    }
    
    public String shortHash() {
        return this.shortHash;
    }
    
    public String date() {
        return this.date;
    }
    
    static {
        final Path path = getElasticsearchCodebase();
        String shortHash = null;
        String date = null;
        Label_0109: {
            shortHash = "Unknown";
            date = "Unknown";
        }
        CURRENT = new XPackBuild(shortHash, date);
    }
}
  1. 将上面的两个源码文件编译成class文件
# 编译LicenseVerifier.java
/data/elasticsearch-7.6.1/jdk/bin/javac -cp "/data/elasticsearch-7.6.1/lib/*:/data/elasticsearch-7.6.1/modules/x-pack-core/*" /root/x-pack-pojie/LicenseVerifier.java

# 编译XPackBuild.java
/data/elasticsearch-7.6.1/jdk/bin/javac -cp "/data/elasticsearch-7.6.1/lib/*:/data/elasticsearch-7.6.1/modules/x-pack-core/*" /root/x-pack-pojie/XPackBuild.java
  1. 替换x-pack-core-7.6.1.jar里的LicenseVerifier.class和XPackBuild.class并生成新jar包
cp /data/elasticsearch-7.6.1/modules/x-pack-core/x-pack-core-7.6.1.jar /root/x-pack-pojie/
cd /root/x-pack-pojie/
jar -xvf x-pack-core-7.6.1.jar
# 替换.class文件
cp XPackBuild.class /root/x-pack-pojie/org/elasticsearch/xpack/core/
cp LicenseVerifier.class /root/x-pack-pojie/org/elasticsearch/license/
# 打包成jar
jar -cvf x-pack-core-7.6.1.jar ./*
#替换生成jar包
cp x-pack-core-7.6.1.jar /data/elasticsearch-7.6.1/modules/x-pack-core/

申请License

elastic官网申请一个license, License申请地址,申请完成后,下载下来的License格式为json格式。并将该License的typeexpiry_date_in_millismax_nodes分别修改成platinum47540989310009999。如下:

{"license":
    {
        "uid":"2f544f9a-3cac-43e2-b7c0-180b175b3db3",
        "type":"platinum",
        "issue_date_in_millis":1598250909777,
        "expiry_date_in_millis":4754007973000,
        "max_nodes":9999,
        "issued_to":"work",
        "issuer":"Web Form",
        "signature":"AAAAAwAAAA3fIq7NLN3Blk2olVjbAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCjNd8mwy8B1sm9rGrgTmN2Gjm/lxqfnTEpTc+HOEmAgwQ7Q1Ye/FSGVNIU/enZ5cqSzWS2mY8oZ7FM/7UPKVQ4hkarWn2qye964MW+cux54h7dqxlSB19fG0ZJOJZxxwVxxi8iyJPUSQBa+QN8m7TFkK2kVmP+HnhU7mGUrqXt3zTk5d3pZw3QBQ/Rr3wmSYC5pxV6/o2UHFgu1OPDcX+kEb+UZtMrVNneR+cEwyx7o5Bg3rbKC014T+lMtt69Y080JDI5KfHa7e9Ul0c3rozIL975fP45dU175D4PKZy98cvHJgtsCJF3K8XUZKo2lOcbsWzhK2mZ5kFp0BMXF3Hs",
        "start_date_in_millis":1598250909777
    }
}

设置elasticsearch 密码

如果不是新安装的 es,这一步略过

  1. 修改/etc/elasticsearch/elasticsearch.yml,加到最后一句
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
  1. 重启elasticsearch shell
systemctl restart elasticsearch
  1. 提前设定es等组件的密码

这里我的用户和密码为 elastic/elastic

/usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive

导入license.json

先把配置文件里的刚才配置选项(xpack.security.enabled)值改为false

curl -XPUT -u elastic:elastic 'http://192.168.112.231:9200/_xpack/license' -H "Content-Type: application/json" -d @license.json

返回如下结果表示导入成功

{"acknowledged":true,"license_status":"valid"}

开启安全配置选项

  1. xpack.security.enabled 改为 true

  2. 重启es

systemctl restart elasticsearch

查看License

curl -XGET -u elastic:elastic http://192.168.112.86:9200/_license

返回结果,注意下 expiry_date 字段

{
  "license" : {
    "status" : "active",
    "uid" : "2f544f9a-3cac-43e2-b7c0-180b175b3db3",
    "type" : "platinum",
    "issue_date" : "2020-08-24T06:35:09.777Z",
    "issue_date_in_millis" : 1598250909777,
    "expiry_date" : "2120-08-25T05:46:13.000Z",
    "expiry_date_in_millis" : 4754007973000,
    "max_nodes" : 9999,
    "issued_to" : "work",
    "issuer" : "Web Form",
    "start_date_in_millis" : 1598250909777
  }
}