Skip to main content

Codo

Difficulty: Easy

Codo Notes & Methodology
#

Start Here: Service Discovery
#

This includes my mistakes, reasoning, and rabbit holes – it’s not the most direct way to solve the box!

Findings
#

Vulnerabilities and Suggested Remediation
#

  • Codoforum uses weak, default credentials (admin:admin)
    • Change credentials to be strong and non-default
  • Codoforum version is vulnerable to RCE by CVE-2022-31854
    • Update Codoforum version
  • Root password is weak and exposed in the application’s config.php
    • The root password should be unique and complex

Credentials
#

admin:admin (http://$IP/admin default credentials)
root:FatPanda123 (discovered in /var/www/html/sites/default/config.php)

Flags
#

/root/proof.txt: a90f47b544fbb19e56ca100dd358be

OSCP Note Template and Runbooks
#

This is my checklist of commands and methodologies to use while taking the OSCP. Feel free to use, adapt for your own use, or open a PR with suggestions!

  • Clone the template and copy/rename for each machine
  • Start with ‘Service Discovery’ and move between the other pages as applicable

0001