This is an exploit for a recently disclosed remote code execution vulnerability in the ElasticSearch software. Basically, whatever "genius" came up with ElasticSearch decided that allowing remote, unauthenticated users to execute arbritary Java code via JSON requests was clever, and then decided that a shitty sandbox would make the whole shebang "secure". This exploit, unfortunately, is not up to the standards of previous ones, due to badchar limitations meaning I could not drop a shell properly without using wget - and I decided that using wget was unacceptable due to reliance on third parties to host our backconnect, so instead, we have a semi-interactive shell with which you can execute commands and drop your own connect back payloads and suchlike.