Docker下安装kibana

kibana6.4.0 docker安装

下载kibana6.4.0的docker镜像:

docker pull kibana:6.4.0

使用docker命令启动:

docker run --name kibana -p 5601:5601 \
--link elasticsearch:es \
-e "elasticsearch.hosts=http://es:9200" \
-d kibana:6.4.0

开启防火墙:

firewall-cmd --zone=public --add-port=5601/tcp --permanent
firewall-cmd --reload

访问地址进行测试:http://ip:5601
image

kibana7.17.6 docker安装

下载kibana7.17.6的docker镜像:

docker pull kibana:7.17.6

添加配置:kibana.yml

#
# ** THIS IS AN AUTO-GENERATED FILE **
#

# Default Kibana configuration for docker target
server.name: kibana
server.host: "0.0.0.0"
elasticsearch.hosts: [ "http://127.0.0.1:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true
# 设置中文显示
i18n.locale: "zh-CN"

使用docker命令启动:

docker run -d \
  --name=kibana \
  --restart=always \
  -p 5601:5601 \
  -v /docker/elk/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml \
  kibana:7.17.6

访问验证
http://192.168.68.200:5601/app/home#/

破解 x-pack

声明:x-pack 是 elasticsearch 的一个收费的扩展包,将权限管理,警告,监视等功能捆绑在一个易于安装的软件包中,x-pack 被设计为一个无缝的工作,但是你可以轻松的启用或者关闭一些功能。在这里主要通过如何破解来启用 x-pack 的一些功能进行学习,仅供技术分享,禁止商业用途!
步骤:
下载 docker 安装 elasticsearch 中的 x-pack-core-7.17.6.jar 文件,到本地
在本地解压缩后,提取class文件: org.elasticsearch.license.LicenseVerifier、org.elasticsearch.xpack.core.XPackBuild
本地创建工程 x-pack-core-7.17.6 引入相关 elasticsearch 依赖包,修改验证代码
重新打包,并把 class 文件压缩到本地的 x-pack-core-7.17.6.jar 之后上传到 docker elasticsearch 对应的 module 目录下
重新启动 Kibana,上传破解 license.json
综上步骤可以破解 x-pack 核心功能,接下来逐步演示操作。

下载 x-pack-core-7.17.6.jar

docker cp elasticsearch:/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-7.17.6.jar /tmp

获取Jar包查看工具Luyten,你可以可以使用其他的工具,GitHub

定位到两个文件:然后点击File–Save As 另存为java源码文件:
image

修改源码

org.elasticsearch.license/LicenseVerifier.class 另存后:LicenseVerifier.java
image

LicenseVerifier.java 修改
package org.elasticsearch.license;

import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;

public class LicenseVerifier
{
    public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
        /* 注释掉这一大段
        byte[] signedContent = null;
        byte[] publicKeyFingerprint = null;
        try {
            final byte[] signatureBytes = Base64.getDecoder().decode(license.signature());
            final ByteBuffer byteBuffer = ByteBuffer.wrap(signatureBytes);
            final int version = byteBuffer.getInt();
            final int magicLen = byteBuffer.getInt();
            final byte[] magic = new byte[magicLen];
            byteBuffer.get(magic);
            final int hashLen = byteBuffer.getInt();
            publicKeyFingerprint = new byte[hashLen];
            byteBuffer.get(publicKeyFingerprint);
            final int signedContentLen = byteBuffer.getInt();
            signedContent = new byte[signedContentLen];
            byteBuffer.get(signedContent);
            final XContentBuilder contentBuilder = XContentFactory.contentBuilder(XContentType.JSON);
            license.toXContent(contentBuilder, (ToXContent.Params)new ToXContent.MapParams((Map)Collections.singletonMap("license_spec_view", "true")));
            final Signature rsa = Signature.getInstance("SHA512withRSA");
            rsa.initVerify(CryptUtils.readPublicKey(publicKeyData));
            final BytesRefIterator iterator = BytesReference.bytes(contentBuilder).iterator();
            BytesRef ref;
            while ((ref = iterator.next()) != null) {
                rsa.update(ref.bytes, ref.offset, ref.length);
            }
            return rsa.verify(signedContent);
        }
        catch (IOException ex) {}
        catch (NoSuchAlgorithmException ex2) {}
        catch (SignatureException ex3) {}
        catch (InvalidKeyException e) {
            throw new IllegalStateException(e);
        }
        finally {
            if (signedContent != null) {
                Arrays.fill(signedContent, (byte)0);
            }
        }
         */
        return true; // 增加这行
    }
    
    public static boolean verifyLicense(final License license) {
        /* 注释掉这一大段
        byte[] publicKeyBytes;
        try {
            final InputStream is = LicenseVerifier.class.getResourceAsStream("/public.key");
            try {
                final ByteArrayOutputStream out = new ByteArrayOutputStream();
                Streams.copy(is, (OutputStream)out);
                publicKeyBytes = out.toByteArray();
                if (is != null) {
                    is.close();
                }
            }
            catch (Throwable t) {
                if (is != null) {
                    try {
                        is.close();
                    }
                    catch (Throwable t2) {
                        t.addSuppressed(t2);
                    }
                }
                throw t;
            }
        }
        catch (IOException ex) {
            throw new IllegalStateException(ex);
        }
        return verifyLicense(license, publicKeyBytes);
        */
        return true; // 增加这行
    }
}

org.elasticsearch.xpack.core/XPackBuild.class 另存后:XPackBuild.java
image
XPackBuild.java 修改

package org.elasticsearch.xpack.core;

import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;

public class XPackBuild
{
    public static final XPackBuild CURRENT;
    private String shortHash;
    private String date;
    
    @SuppressForbidden(reason = "looks up path of xpack.jar directly")
    static Path getElasticsearchCodebase() {
        final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
        try {
            return PathUtils.get(url.toURI());
        }
        catch (URISyntaxException bogus) {
            throw new RuntimeException(bogus);
        }
    }
    
    XPackBuild(final String shortHash, final String date) {
        this.shortHash = shortHash;
        this.date = date;
    }
    
    public String shortHash() {
        return this.shortHash;
    }
    
    public String date() {
        return this.date;
    }
    
    static {
        final Path path = getElasticsearchCodebase();
        String shortHash = null;
        String date = null;
        Label_0109: {
            /* 注释掉这一大段即可
            if (path.toString().endsWith(".jar")) {
                try {
                    final JarInputStream jar = new JarInputStream(Files.newInputStream(path, new OpenOption[0]));
                    try {
                        final Manifest manifest = jar.getManifest();
                        shortHash = manifest.getMainAttributes().getValue("Change");
                        date = manifest.getMainAttributes().getValue("Build-Date");
                        jar.close();
                    }
                    catch (Throwable t) {
                        try {
                            jar.close();
                        }
                        catch (Throwable t2) {
                            t.addSuppressed(t2);
                        }
                        throw t;
                    }
                    break Label_0109;
                }
                catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
             */
            shortHash = "Unknown";
            date = "Unknown";
        }
        CURRENT = new XPackBuild(shortHash, date);
    }
}

java源代码已经更改完毕,下面就是生成class文件,然后替换原来的class文件即可:

下载破解需要的jar

新建文件夹
mkdir -p /tmp/lib/ /tmp/modules/x-pack-core/
docker cp elasticsearch:/usr/share/elasticsearch/lib/ /tmp/lib/
docker cp elasticsearch:/usr/share/elasticsearch/modules/x-pack-core/ /tmp/modules/x-pack-core/

生成class文件

执行这段脚本,就可以得到2个Java代码对应的class文件

ES_HOME="/tmp"
ES_JAR=$(cd $ES_HOME && ls lib/elasticsearch-[0-9]*.jar)
ESCORE_JAR=$(cd $ES_HOME && ls lib/elasticsearch-core-*.jar)
LUCENE_JAR=$(cd $ES_HOME && ls lib/lucene-core-*.jar)
XPACK_JAR=$(cd $ES_HOME && ls modules/x-pack-core/x-pack-core/x-pack-core-*.jar)

ES_HOME="/tmp"
ES_JAR=$(cd $ES_HOME && ls lib/elasticsearch-[0-9]*.jar)
ES_JAR2=$(cd $ES_HOME && ls lib/elasticsearch-x-content-[0-9]*.jar)
ESCORE_JAR=$(cd $ES_HOME && ls lib/elasticsearch-core-*.jar)
LUCENE_JAR=$(cd $ES_HOME && ls lib/lucene-core-*.jar)
XPACK_JAR=$(cd $ES_HOME && ls modules/x-pack-core/x-pack-core/x-pack-core-*.jar)

javac -cp "${ES_HOME}/${ES_JAR}:${ES_HOME}/${LUCENE_JAR}:${ES_HOME}/${XPACK_JAR}:${ES_HOME}/${ESCORE_JAR}:${ES_HOME}/${ES_JAR2}" LicenseVerifier.java
javac -cp "${ES_HOME}/${ES_JAR}:${ES_HOME}/${LUCENE_JAR}:${ES_HOME}/${XPACK_JAR}:${ES_HOME}/${ESCORE_JAR}" XPackBuild.java

压缩破解包

可以使用360压缩,替换对应的class文件
image

替换破解包

docker cp /tmp/x-pack-core-7.17.6.jar elasticsearch:/usr/share/elasticsearch/modules/x-pack-core

上传许可

【可选】从官网下载许可:https://license.elastic.co/registration - 下载后更改有效期,许可证书分有三类GOLD(黄金),PLATINUM(白金),ENTERPRISE(企业),我上面把type手动改成了白金版,然后再把过期时间改到了2050年
直接使用已经下载好的:https://gitee.com/xiaohai008/x-pack-core-7.17.6/raw/master/license.json
上传许可,如下:http://192.168.68.200:5601/app/kibana#/management/elasticsearch/license_management/home?_g=()
image
image

posted @ 2019-12-08 20:33  尐海爸爸  阅读(1006)  评论(0编辑  收藏  举报