FishBoy

Cracking X-Pack for ElasticSearch and Kibana


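Disclaimer: this article is for study and discussion only. Do not use it for commercial purposes; otherwise you bear the consequences yourself. If you need the Gold or Platinum edition of X-Pack, please buy a genuine license.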

 

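This article uses ELK version 5.4.3; other versions have not been verified. It follows the cracking method from the blog post http://blog.csdn.net/u013066244/article/details/73927756 and resolves the null pointer problem that appears after cracking.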

 

First, install Kibana 5.4.3 and ElasticSearch 5.4.3 together with their x-pack components in the normal way.

 

The ElasticSearch cracking steps are as follows:

1. Download /plugins/x-pack/x-pack-5.4.3.jar from the ElasticSearch directory and decompile it.

    Note: use Luyten for the decompilation here; jd-gui fails to decompile some of the files.

The two files that mainly need to be decompiled:

org/elasticsearch/license/LicenseVerifier.class
org/elasticsearch/xpack/XPackBuild.class

After decompiling, modify the two files as follows and save them as java files.

 

LicenseVerifier.java: skip the verification and return true directly

package org.elasticsearch.license;

public class LicenseVerifier
{
    public static boolean verifyLicense(final License license, final byte[] array) {
        return true;
    }
    
    public static boolean verifyLicense(final License license) {
        return true;
    }
} 

 

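XPackBuild.java: mainly the static block is modified, where the hash and date are obtained. These two values must be the same as the build values in the output of the command "curl -XGET ${es_host}/_xpack". If needed, you can print them to the console with sysout and then update them in es.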

package org.elasticsearch.xpack;

import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;

public class XPackBuild
{
    public static final XPackBuild CURRENT;
    private String shortHash;
    private String date;
    
    @SuppressForbidden(reason = "looks up path of xpack.jar directly")
    static Path getElasticsearchCodebase() {
        final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
        try {
            return PathUtils.get(url.toURI());
        }
        catch (URISyntaxException bogus) {
            throw new RuntimeException(bogus);
        }
    }
    
    XPackBuild(final String shortHash, final String date) {
        this.shortHash = shortHash;
        this.date = date;
    }
    
    public String shortHash() {
        return this.shortHash;
    }
    
    public String date() {
        return this.date;
    }
    
    static {
        final Path path = getElasticsearchCodebase();
        String shortHash = null;
        String date = null;
        if (path.toString().endsWith(".jar")) {
            try {
//                JarInputStream jar = new JarInputStream(Files.newInputStream(path));
                JarFile jar = new JarFile(path.toString());
                Manifest manifest = jar.getManifest();
                shortHash = manifest.getMainAttributes().getValue("Change");
                date = manifest.getMainAttributes().getValue("Build-Date");
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        } else {
            shortHash = "Unknown";
            date = "Unknown";
        }
        // System.out.println("hash:"+ shortHash);
        // System.out.println("date:"+ date);
        CURRENT = new XPackBuild(shortHash, date);
    }
}

 

2. Upload the two java files to the server and compile them with javac. My es installation path is /usr/local/elastic/elasticsearch-node1, written as ${es_dir} below.

javac -cp "${es_dir}/lib/elasticsearch-5.4.3.jar:${es_dir}/lib/lucene-core-6.5.1.jar:${es_dir}/plugins/x-pack/x-pack-5.4.3.jar" LicenseVerifier.java

javac -cp "${es_dir}/lib/elasticsearch-5.4.3.jar:${es_dir}/lib/lucene-core-6.5.1.jar:${es_dir}/plugins/x-pack/x-pack-5.4.3.jar" XPackBuild.java

 

3. Download the two compiled class files to your local machine and use an archive tool to pack them into x-pack-5.4.3.jar, overwriting the originals.

 

4. Upload the modified x-pack-5.4.3.jar to ${es_host}/plugins/x-pack/, overwriting the original. In a cluster, the jar must be overwritten on every node.

 

5. After the update, start ES.

 

6. Apply for a license on the official website; you will receive a file in JSON format similar to the following

{
  "license": {
    "uid": "fd2deee3-*****-4fd959056bea", 
    "type": "platinum", 
    "issue_date_in_millis": 1504051200000, 
    "expiry_date_in_millis": 1598922000000, 
    "max_nodes": 100, 
    "issued_to": "hong king", 
    "issuer": "Web Form", 
    "signature": "AAAAAwAAA.......(a very long string).......zdGJHVbnD3yd", 
    "start_date_in_millis": 1504051200000
  }
}

   Change the type to "platinum", set the expiry time (expiry_date_in_millis) to any date in the future, and modify the other fields as the situation requires. Save the file as license.json

 

7. Upload the license.json file to the server and run the following command

curl -XPUT -u elastic:changeme 'http://192.168.1.115:9200/_xpack/license' -d @license.json

    Note: if there are multiple nodes, the license must be updated on each node with this command

 

8. Restart ES once more and it is done.

 

Cracking Kibana:

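If this side is left unmodified there is currently no problem either, but I don't know whether any problem will appear after the expiry_date_in_millis time. To be on the safe side, you can follow the steps below.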

 

1. Modify the file ${kibana}/plugins/x-pack/server/lib/_xpack_info.js so that the functions in it that perform validation all return true. The modified file is as follows

import { createHash } from 'crypto';
import moment from 'moment';
import { get, set, includes, forIn } from 'lodash';
import Poller from './poller';
import { LICENSE_EXPIRY_SOON_DURATION_IN_DAYS } from './constants';

export default function _xpackInfo(server, pollFrequencyInMillis, clusterSource = 'data') {
  if(!pollFrequencyInMillis) {
    const config = server.config();
    pollFrequencyInMillis = config.get('xpack.xpack_main.xpack_api_polling_frequency_millis');
  }

  let _cachedResponseFromElasticsearch;

  const _licenseCheckResultsGenerators = {};
  const _licenseCheckResults = {};
  let _cachedXPackInfoJSON;
  let _cachedXPackInfoJSONSignature;

  const poller = new Poller({
    functionToPoll: _callElasticsearchXPackAPI,
    successFunction: _handleResponseFromElasticsearch,
    errorFunction: _handleErrorFromElasticsearch,
    pollFrequencyInMillis,
    continuePollingOnError: true
  });

  const xpackInfoObject = {
    license: {
      getUid: function () {
        return get(_cachedResponseFromElasticsearch, 'license.uid');
      },
      isActive: function () {
        // return get(_cachedResponseFromElasticsearch, 'license.status') === 'active';
        return true;
      },
      expiresSoon: function () {
        // const expiryDateMillis = get(_cachedResponseFromElasticsearch, 'license.expiry_date_in_millis');
        // const expirySoonDate = moment.utc(expiryDateMillis).subtract(moment.duration(LICENSE_EXPIRY_SOON_DURATION_IN_DAYS, 'days'));
        // return moment.utc().isAfter(expirySoonDate);
        return false;
      },
      getExpiryDateInMillis: function () {
        return get(_cachedResponseFromElasticsearch, 'license.expiry_date_in_millis');
      },
      isOneOf: function (candidateLicenses) {
        if (!Array.isArray(candidateLicenses)) {
          candidateLicenses = [ candidateLicenses ];
        }
        return includes(candidateLicenses, get(_cachedResponseFromElasticsearch, 'license.mode'));
      },
      getType: function () {
        return get(_cachedResponseFromElasticsearch, 'license.type');
      }
    },
    feature: function (feature) {
      return {
        isAvailable: function () {
          // return get(_cachedResponseFromElasticsearch, 'features.' + feature + '.available');
          return true;
        },
        isEnabled: function () {
          // return get(_cachedResponseFromElasticsearch, 'features.' + feature + '.enabled');
          return true;
        },
        registerLicenseCheckResultsGenerator: function (generator) {
          _licenseCheckResultsGenerators[feature] = generator;
          _updateXPackInfoJSON();
        },
        getLicenseCheckResults: function () {
          return _licenseCheckResults[feature];
        }
      };
    },
    isAvailable: function () {
      // return !!_cachedResponseFromElasticsearch && !!get(_cachedResponseFromElasticsearch, 'license');
      return true;
    },
    getSignature: function () {
      return _cachedXPackInfoJSONSignature;
    },
    refreshNow: function () {
      const self = this;
      return _callElasticsearchXPackAPI()
      .then(_handleResponseFromElasticsearch)
      .catch(_handleErrorFromElasticsearch)
      .then(() => self);
    },
    stopPolling: function () {
      // This method exists primarily for unit testing
      poller.stop();
    },
    toJSON: function () {
      return _cachedXPackInfoJSON;
    }
  };

  const cluster = server.plugins.elasticsearch.getCluster(clusterSource);

  function _callElasticsearchXPackAPI() {
    server.log([ 'license', 'debug', 'xpack' ], 'Calling Elasticsearch _xpack API');
    return cluster.callWithInternalUser('transport.request', {
      method: 'GET',
      path: '/_xpack'
    });
  };

  function _updateXPackInfoJSON() {
    const json = {};

    // Set response elements common to all features
    set(json, 'license.type', xpackInfoObject.license.getType());
    set(json, 'license.isActive', xpackInfoObject.license.isActive());
    set(json, 'license.expiryDateInMillis', xpackInfoObject.license.getExpiryDateInMillis());

    // Set response elements specific to each feature. To do this,
    // call the license check results generator for each feature, passing them
    // the xpack info object
    forIn(_licenseCheckResultsGenerators, (generator, feature) => {
      _licenseCheckResults[feature] = generator(xpackInfoObject); // return value expected to be a dictionary object
    });
    set(json, 'features', _licenseCheckResults);

    _cachedXPackInfoJSON = json;
    _cachedXPackInfoJSONSignature = createHash('md5')
    .update(JSON.stringify(json))
    .digest('hex');
  }

  function _hasLicenseInfoFromElasticsearchChanged(response) {
    const cachedResponse = _cachedResponseFromElasticsearch;
    return (get(response, 'license.mode') !== get(cachedResponse, 'license.mode')
      || get(response, 'license.status') !== get(cachedResponse, 'license.status')
      || get(response, 'license.expiry_date_in_millis') !== get(cachedResponse, 'license.expiry_date_in_millis'));
  }

  function _getLicenseInfoForLog(response) {
    const mode = get(response, 'license.mode');
    const status = get(response, 'license.status');
    const expiryDateInMillis = get(response, 'license.expiry_date_in_millis');

    return [
      'mode: ' + mode,
      'status: ' + status,
      'expiry date: ' + moment(expiryDateInMillis, 'x').format()
    ].join(' | ');
  }

  function _handleResponseFromElasticsearch(response) {

    if (_hasLicenseInfoFromElasticsearchChanged(response)) {
      let changed = '';
      if (_cachedResponseFromElasticsearch) {
        changed = 'changed ';
      }

      const licenseInfo = _getLicenseInfoForLog(response);
      const logMessage = `Imported ${changed}license information from Elasticsearch for [${clusterSource}] cluster: ${licenseInfo}`;
      server.log([ 'license', 'info', 'xpack'  ], logMessage);
    }

    _cachedResponseFromElasticsearch = response;
    _updateXPackInfoJSON();
  }

  function _handleErrorFromElasticsearch(error) {
    server.log([ 'license', 'warning', 'xpack' ], 'License information could not be obtained from Elasticsearch. ' + error);
    _cachedResponseFromElasticsearch = null;
    _updateXPackInfoJSON();

    // allow tests to shutdown
    error.info = xpackInfoObject;

    throw error;
  }

  // Start polling for changes
  return poller.start()
  .then(() => xpackInfoObject);
}

 

2. Delete all compiled files under ${kibana}/optimize

 

3. Start kibana

 

Done. The attachments are the cracked jar and the license file.

 

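Addendum: another cracking approach is to generate your own RSA public and private keys, then, following the verification method in LicenseVerifier, write your own encryption method to compute license.signature, replace public.key in the jar, upload it, and then import license.json. This method has not been verified; I will describe it in detail once it has been.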

 

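During the whole cracking process, I also ran into the null pointer error when following the referenced blog post. Investigation showed that after XPackBuild reads the jar with JarInputStream, it cannot obtain the Manifest object, so I switched to JarFile to read the jar file.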
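From the operations side, the jar overwrite in steps 3 and 4 can be detected by comparing the deployed plugin jar entry by entry against a copy taken from the vendor's distribution. The same pass shows whether repacking moved the manifest away from the head of the archive, which is the only place java.util.jar.JarInputStream reads it from. This is an added example, not code from the original post; the function names are hypothetical and the two jars are constructed stand-ins built in memory.

```python
import hashlib
import io
import zipfile

MANIFEST = "META-INF/MANIFEST.MF"
VERIFIER = "org/elasticsearch/license/LicenseVerifier.class"
BUILD = "org/elasticsearch/xpack/XPackBuild.class"

def build_jar(entries):
    """Build an in-memory jar from (name, bytes) pairs, in that order (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as jar:
        for name, data in entries:
            jar.writestr(name, data)
    return buf.getvalue()

def entry_digests(jar_bytes):
    """Map every file entry to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        return {i.filename: hashlib.sha256(jar.read(i)).hexdigest()
                for i in jar.infolist() if not i.is_dir()}

def manifest_leads(jar_bytes):
    """True if the manifest is the first entry, or the second directly after a
    META-INF/ directory entry. JarInputStream only picks it up in that position;
    JarFile finds it anywhere. Uses central-directory order, which normally
    matches the order of entries in the stream."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        names = [i.filename for i in jar.infolist()]
    if names and names[0].upper() == "META-INF/":
        names = names[1:]
    return bool(names) and names[0].upper() == MANIFEST

def compare_jars(reference, deployed):
    """Report entries whose content differs from the reference jar."""
    ref, dep = entry_digests(reference), entry_digests(deployed)
    return {
        "modified": sorted(n for n in ref.keys() & dep.keys() if ref[n] != dep[n]),
        "added": sorted(dep.keys() - ref.keys()),
        "removed": sorted(ref.keys() - dep.keys()),
        "manifest_leads": manifest_leads(deployed),
    }

# Constructed stand-ins: a vendor-layout jar and one repacked with two replaced classes.
REFERENCE = build_jar([(MANIFEST, b"Change: placeholder\n"),
                       (VERIFIER, b"vendor-verifier"), (BUILD, b"vendor-build")])
DEPLOYED = build_jar([(VERIFIER, b"replaced-verifier"), (BUILD, b"replaced-build"),
                      (MANIFEST, b"Change: placeholder\n")])

print(compare_jars(REFERENCE, DEPLOYED))
```

On a real node the reference bytes would come from the plugin archive downloaded from the vendor and the deployed bytes from plugins/x-pack/ on each cluster member.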

Reference link: http://blog.csdn.net/u013066244/article/details/73927756

 

 

 

 
