Docker下安装kibana
kibana6.4.0 docker安装
下载kibana6.4.0的docker镜像:
docker pull kibana:6.4.0
使用docker命令启动:
docker run --name kibana -p 5601:5601 \
--link elasticsearch:es \
-e "elasticsearch.hosts=http://es:9200" \
-d kibana:6.4.0
开启防火墙:
firewall-cmd --zone=public --add-port=5601/tcp --permanent
firewall-cmd --reload
访问地址进行测试:http://ip:5601
kibana7.17.6 docker安装
下载kibana7.17.6的docker镜像:
docker pull kibana:7.17.6
添加配置:kibana.yml
#
# ** THIS IS AN AUTO-GENERATED FILE **
#
# Default Kibana configuration for docker target
server.name: kibana
server.host: "0.0.0.0"
elasticsearch.hosts: [ "http://127.0.0.1:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true
# 设置中文显示
i18n.locale: "zh-CN"
使用docker命令启动:
docker run -d \
--name=kibana \
--restart=always \
-p 5601:5601 \
-v /docker/elk/kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml \
kibana:7.17.6
访问验证
http://192.168.68.200:5601/app/home#/
破解 x-pack
声明:x-pack 是 elasticsearch 的一个收费的扩展包,将权限管理,警告,监视等功能捆绑在一个易于安装的软件包中,x-pack 被设计为一个无缝的工作,但是你可以轻松的启用或者关闭一些功能。在这里主要通过如何破解来启用 x-pack 的一些功能进行学习,仅供技术分享,禁止商业用途!
步骤:
下载 docker 安装 elasticsearch 中的 x-pack-core-7.17.6.jar 文件,到本地
在本地解压缩后,提取class文件: org.elasticsearch.license.LicenseVerifier、org.elasticsearch.xpack.core.XPackBuild
本地创建工程 x-pack-core-7.17.6 引入相关 elasticsearch 依赖包,修改验证代码
重新打包,并把 class 文件压缩到本地的 x-pack-core-7.17.6.jar 之后上传到 docker elasticsearch 对应的 module 目录下
重新启动 Kibana,上传破解 license.json
综上步骤可以破解 x-pack 核心功能,接下来逐步演示操作。
下载 x-pack-core-7.17.6.jar
docker cp elasticsearch:/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-7.17.6.jar /tmp
获取Jar包查看工具Luyten,你可以可以使用其他的工具,GitHub
定位到两个文件:然后点击File–Save As 另存为java源码文件:
修改源码
org.elasticsearch.license/LicenseVerifier.class 另存后:LicenseVerifier.java
LicenseVerifier.java 修改
package org.elasticsearch.license;
import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;
public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
/* 注释掉这一大段
byte[] signedContent = null;
byte[] publicKeyFingerprint = null;
try {
final byte[] signatureBytes = Base64.getDecoder().decode(license.signature());
final ByteBuffer byteBuffer = ByteBuffer.wrap(signatureBytes);
final int version = byteBuffer.getInt();
final int magicLen = byteBuffer.getInt();
final byte[] magic = new byte[magicLen];
byteBuffer.get(magic);
final int hashLen = byteBuffer.getInt();
publicKeyFingerprint = new byte[hashLen];
byteBuffer.get(publicKeyFingerprint);
final int signedContentLen = byteBuffer.getInt();
signedContent = new byte[signedContentLen];
byteBuffer.get(signedContent);
final XContentBuilder contentBuilder = XContentFactory.contentBuilder(XContentType.JSON);
license.toXContent(contentBuilder, (ToXContent.Params)new ToXContent.MapParams((Map)Collections.singletonMap("license_spec_view", "true")));
final Signature rsa = Signature.getInstance("SHA512withRSA");
rsa.initVerify(CryptUtils.readPublicKey(publicKeyData));
final BytesRefIterator iterator = BytesReference.bytes(contentBuilder).iterator();
BytesRef ref;
while ((ref = iterator.next()) != null) {
rsa.update(ref.bytes, ref.offset, ref.length);
}
return rsa.verify(signedContent);
}
catch (IOException ex) {}
catch (NoSuchAlgorithmException ex2) {}
catch (SignatureException ex3) {}
catch (InvalidKeyException e) {
throw new IllegalStateException(e);
}
finally {
if (signedContent != null) {
Arrays.fill(signedContent, (byte)0);
}
}
*/
return true; // 增加这行
}
public static boolean verifyLicense(final License license) {
/* 注释掉这一大段
byte[] publicKeyBytes;
try {
final InputStream is = LicenseVerifier.class.getResourceAsStream("/public.key");
try {
final ByteArrayOutputStream out = new ByteArrayOutputStream();
Streams.copy(is, (OutputStream)out);
publicKeyBytes = out.toByteArray();
if (is != null) {
is.close();
}
}
catch (Throwable t) {
if (is != null) {
try {
is.close();
}
catch (Throwable t2) {
t.addSuppressed(t2);
}
}
throw t;
}
}
catch (IOException ex) {
throw new IllegalStateException(ex);
}
return verifyLicense(license, publicKeyBytes);
*/
return true; // 增加这行
}
}
org.elasticsearch.xpack.core/XPackBuild.class 另存后:XPackBuild.java
XPackBuild.java 修改
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
/* 注释掉这一大段即可
if (path.toString().endsWith(".jar")) {
try {
final JarInputStream jar = new JarInputStream(Files.newInputStream(path, new OpenOption[0]));
try {
final Manifest manifest = jar.getManifest();
shortHash = manifest.getMainAttributes().getValue("Change");
date = manifest.getMainAttributes().getValue("Build-Date");
jar.close();
}
catch (Throwable t) {
try {
jar.close();
}
catch (Throwable t2) {
t.addSuppressed(t2);
}
throw t;
}
break Label_0109;
}
catch (IOException e) {
throw new RuntimeException(e);
}
}
*/
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
java源代码已经更改完毕,下面就是生成class文件,然后替换原来的class文件即可:
下载破解需要的jar
新建文件夹
mkdir -p /tmp/lib/ /tmp/modules/x-pack-core/
docker cp elasticsearch:/usr/share/elasticsearch/lib/ /tmp/lib/
docker cp elasticsearch:/usr/share/elasticsearch/modules/x-pack-core/ /tmp/modules/x-pack-core/
生成class文件
执行这段脚本,就可以得到2个Java代码对应的class文件
ES_HOME="/tmp"
ES_JAR=$(cd $ES_HOME && ls lib/elasticsearch-[0-9]*.jar)
ESCORE_JAR=$(cd $ES_HOME && ls lib/elasticsearch-core-*.jar)
LUCENE_JAR=$(cd $ES_HOME && ls lib/lucene-core-*.jar)
XPACK_JAR=$(cd $ES_HOME && ls modules/x-pack-core/x-pack-core/x-pack-core-*.jar)
ES_HOME="/tmp"
ES_JAR=$(cd $ES_HOME && ls lib/elasticsearch-[0-9]*.jar)
ES_JAR2=$(cd $ES_HOME && ls lib/elasticsearch-x-content-[0-9]*.jar)
ESCORE_JAR=$(cd $ES_HOME && ls lib/elasticsearch-core-*.jar)
LUCENE_JAR=$(cd $ES_HOME && ls lib/lucene-core-*.jar)
XPACK_JAR=$(cd $ES_HOME && ls modules/x-pack-core/x-pack-core/x-pack-core-*.jar)
javac -cp "${ES_HOME}/${ES_JAR}:${ES_HOME}/${LUCENE_JAR}:${ES_HOME}/${XPACK_JAR}:${ES_HOME}/${ESCORE_JAR}:${ES_HOME}/${ES_JAR2}" LicenseVerifier.java
javac -cp "${ES_HOME}/${ES_JAR}:${ES_HOME}/${LUCENE_JAR}:${ES_HOME}/${XPACK_JAR}:${ES_HOME}/${ESCORE_JAR}" XPackBuild.java
压缩破解包
可以使用360压缩,替换对应的class文件
替换破解包
docker cp /tmp/x-pack-core-7.17.6.jar elasticsearch:/usr/share/elasticsearch/modules/x-pack-core
上传许可
【可选】从官网下载许可:https://license.elastic.co/registration - 下载后更改有效期,许可证书分有三类GOLD(黄金),PLATINUM(白金),ENTERPRISE(企业),我上面把type手动改成了白金版,然后再把过期时间改到了2050年
直接使用已经下载好的:https://gitee.com/xiaohai008/x-pack-core-7.17.6/raw/master/license.json
上传许可,如下:http://192.168.68.200:5601/app/kibana#/management/elasticsearch/license_management/home?_g=()
