Requirements:

Step 1: Install Java JDK 17

Elasticsearch is a Java application and requires a Java Development Kit (JDK) to run.

  1. On your Windows Server 2019 VM, open the Edge browser you installed.
  2. Search for “OpenJDK 17 download/jdk 17 install” (Microsoft, Oracle, Red Hat, etc. are all good providers).
  3. Download the Windows x64 JDK as a .zip file (not the JRE).
  4. Once downloaded, extract the .zip file to a simple, permanent location, such as C:\Program Files\Java\jdk-17.

Step 2: Set the JAVA_HOME Environment Variable

This tells Windows where to find the Java installation.

  1. In the Windows Start Menu, type “environment” and select “Edit the system environment variables”.
  2. The “System Properties” window will open. Click the “Environment Variables…” button at the bottom.
  3. In the bottom half, under “System variables”, click the “New…” button.
    • Variable name: JAVA_HOME
    • Variable value: C:\Program Files\Java\jdk-17 (or the path where you extracted the JDK)
  4. Click OK.
  5. Still in “System variables,” find the “Path” variable, select it, and click “Edit…”.
  6. Click “New” and add a new entry: %JAVA_HOME%\bin
  7. Click OK on all windows to close them. To verify the install: open a new Command Prompt and type java -version. It should show “OpenJDK version 17…”.

If you get an error when opening the environment variables section, follow this second path instead:

  1. Press Win + R.
  2. Type sysdm.cpl and press Enter. Then click the Advanced tab and click “Environment Variables…”.
  3. Now you can rejoin the previous list at step 3.

Step 3: Download and Unzip Elasticsearch

  1. Go to the official “Past Releases” page for Elasticsearch (search for “Elasticsearch past releases”).
  2. Find a modern version you want to use, for example, version 7.17.10 (a popular, stable release from the 7.x series) or any 8.x version.
  3. Click the “Download” link and get the Windows .zip file.
  4. Create a folder for your server, for example: C:\Elasticsearch.
  5. Extract the entire contents of the .zip file into that folder. Your final path will look something like C:\Elasticsearch\elasticsearch-7.17.10.

Step 4: Deliberately Misconfigure Elasticsearch

This is the most important step. You will edit the main configuration file to add the “vulnerabilities.”

  1. Navigate into your Elasticsearch folder, then into the config sub-folder.
    • Example: C:\Elasticsearch\elasticsearch-7.17.10\config
  2. Open the file named elasticsearch.yml in a text editor like Notepad.
  3. This file is mostly comments (lines starting with #). Scroll to the very end of the file and add the following lines on a new line. (This avoids accidentally editing a commented-out line).
# --- DANGEROUS SETTINGS FOR PENTEST LAB ---

# 1. This disables all security (authentication, passwords, etc.)
xpack.security.enabled: false
xpack.security.transport.ssl.enabled: false
xpack.security.http.ssl.enabled: false

# 2. This binds Elasticsearch to ALL network adapters (0.0.0.0)
# This is what makes it accessible from your Kali machine
network.host: 0.0.0.0

# 3. This helps a single-node cluster start up (often needed for dev)
discovery.type: single-node

  4. Save the elasticsearch.yml file and close the text editor.
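
An added example (not part of the original guide): a small Python check that reads an elasticsearch.yml and reports the Step 4 lab settings, so you can confirm this configuration never ends up on a machine outside the lab. It assumes the flat key: value layout shown above rather than nested YAML; the function names and the sample text are constructed for illustration.

```python
# Added example: audit an elasticsearch.yml for the Step 4 lab settings.
# Assumes flat "key: value" lines (as on this page), not nested YAML.
LOOPBACK = {"localhost", "127.0.0.1", "::1", "_local_"}
TLS_KEYS = ("xpack.security.http.ssl.enabled",
            "xpack.security.transport.ssl.enabled")

# Constructed sample: the lines the guide appends in Step 4.
LAB_CONFIG = """\
# --- DANGEROUS SETTINGS FOR PENTEST LAB ---
xpack.security.enabled: false
xpack.security.transport.ssl.enabled: false
xpack.security.http.ssl.enabled: false
network.host: 0.0.0.0
discovery.type: single-node
"""

def parse_flat_yaml(text):
    """Return {key: value} for uncommented 'key: value' lines."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(" #", 1)[0].strip()  # drop trailing comments
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)  # split once so "::1" survives
        settings[key.strip()] = value.strip().strip("\"'")
    return settings

def audit(text):
    """Return findings for explicit settings that expose the node."""
    s = parse_flat_yaml(text)
    findings = []
    security_off = s.get("xpack.security.enabled", "").lower() == "false"
    if security_off:
        findings.append("xpack.security.enabled is false: no authentication")
    for key in TLS_KEYS:
        if s.get(key, "").lower() == "false":
            findings.append(f"{key} is false: traffic is unencrypted")
    host = s.get("network.host")
    if host is not None and host not in LOOPBACK:
        findings.append(f"network.host is {host}: reachable from the network")
        if security_off:
            findings.append("CRITICAL: unauthenticated node exposed beyond loopback")
    return findings

if __name__ == "__main__":
    for finding in audit(LAB_CONFIG):
        print(finding)
```

Only explicit settings are reported; a missing xpack.security.enabled line is not flagged because its default depends on the Elasticsearch version.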


Step 5: Run the Server

  1. Open a Command Prompt.
  2. Navigate to your Elasticsearch installation directory:
cd C:\Elasticsearch\elasticsearch-7.17.10
  3. Run the server using its batch file:
bin\elasticsearch.bat
  • A lot of text will scroll by. Wait until you see messages indicating the server has started and is “publishing” its address. You may see a warning about security being disabled—this is expected and confirms your misconfiguration is working.
  • Leave this command prompt open! Closing it will shut down the server.