- install codiad
@ git clone https://github.com/Codiad/Codiad.git
Steps to reproduction 1. Setup a vulnerable environment on ubuntu server with Codiad 2.8.4 (latest version)
@ chmod o+w config.php
@ chmod o+w workspace
@ chmod o+w plugins
@ chmod o+w themes
@ chmod o+w data
2.
@ git clone https://github.com/hidog123/Codiad-CVE-2018-14009.gi
3. Launch the exploit and then get a reverse shell