# 未认证的ElasticsearchDB

```
端口9200，用shodan查找，通过GET请求来确认
发送GET请求/_cat/indices?v 列出所有索引
发送GET请求/_stats/?pretty=1 也可以查到信息
发送GET请求/_all/_search?q=email 查询email，可以换成username,user,password,token
要查询特定索引，可以将“_all”替换为要搜索的索引的名称
另一种有用的技术是通过向“/INDEX_NAME_HERE/_mapping?pretty=1”端点发出 GET 请求来列出所有字段名称
查询包含特定字段名称的所有值，请使用以下命令“/_all/_search?q=_exists:email&pretty=1”。 这将返回包含名为 email 的字段名称（列）的文档
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.heresecurity.wiki/shang-jin-ji-qiao/wei-ren-zheng-de-elasticsearchdb.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.