Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-14009 PoC — Codiad 安全漏洞

Source
https://github.com/pablocaraballofernandez/IDE-TryHackME-Spanish-Walkthrough-
Associated Vulnerability
Title:Codiad 安全漏洞 (CVE-2018-14009)
Description:Codiad是美国软件开发者Kent Safranski所研发的一套基于Web的IDE框架,它包含有项目/文件管理器和代码编辑器,主要用于在线编写和编辑代码。 Codiad 2.8.4及之前版本中存在安全漏洞。远程攻击者可利用该漏洞执行代码。
Description
Guía completa de la máquina IDE de TryHackMe | Explotación de Codiad CVE-2018-14009 | Escalada de privilegios
Readme
<div align="center">

#  TryHackMe - IDE 

</div>
<div align="center">

![TryHackMe](https://img.shields.io/badge/TryHackMe-212C42?style=for-the-badge&logo=tryhackme&logoColor=white)
![Linux](https://img.shields.io/badge/Linux-FCC624?style=for-the-badge&logo=linux&logoColor=black)
![Python](https://img.shields.io/badge/Python-3776AB?style=for-the-badge&logo=python&logoColor=white)
![Bash](https://img.shields.io/badge/Bash-4EAA25?style=for-the-badge&logo=gnu-bash&logoColor=white)

[![Writeup](https://img.shields.io/badge/Writeup-Complete-success?style=for-the-badge)](https://github.com/tuusuario/ide-writeup)
[![Difficulty](https://img.shields.io/badge/Difficulty-Easy-blue?style=for-the-badge)](https://tryhackme.com/room/ide)
[![Platform](https://img.shields.io/badge/Platform-Linux-orange?style=for-the-badge)](https://tryhackme.com)

</div>

##  Descripción

Guía completa y detallada de la máquina **IDE** de TryHackMe, documentando todo el proceso de penetración desde el reconocimiento inicial hasta la obtención de privilegios root. Este repositorio incluye explicaciones técnicas paso a paso, comandos utilizados y conceptos de seguridad aplicados.

##  Objetivos de la Máquina

- [x] Reconocimiento y enumeración de servicios
- [x] Explotación de servicio FTP con acceso anónimo
- [x] Ataque de fuerza bruta a aplicación web
- [x] Explotación de RCE en Codiad (CVE-2018-14009)
- [x] Movimiento lateral entre usuarios
- [x] Escalada de privilegios mediante sudo misconfiguration
- [x] Obtención de flags user.txt y root.txt

## 🛠 Tecnologías y Herramientas

### Herramientas de Pentesting
- **Nmap** - Escaneo de puertos y servicios
- **Burp Suite** - Interceptación y fuerza bruta
- **Netcat** - Reverse shells

### Clonar el Repositorio
```bash
git clone https://github.com/tuusuario/ide-writeup.git
cd ide-writeup
File Snapshot

 [4.0K]  /data/pocs/554901102531a81b7245c28360d05551e1491fcf
├── [ 12K]  IDE_ROOM.md
├── [4.0K]  Images
│   ├── [ 46K]  Burpsuite10.png
│   ├── [ 41K]  burpsuite11.png
│   ├── [ 72K]  burpsuite12.png
│   ├── [129K]  Codiad13.png
│   ├── [ 41K]  Codiad9.png
│   ├── [ 59K]  Exploit14.png
│   ├── [ 17K]  Exploit15.png
│   ├── [ 50K]  Exploit16.png
│   ├── [ 29K]  Exploit17.png
│   ├── [ 26K]  ftp4.png
│   ├── [ 24K]  ftp5.png
│   ├── [ 28K]  ftp6.png
│   ├── [ 37K]  ftp7.png
│   ├── [   1]  nmap1.jpg
│   ├── [215K]  nmap1.png
│   ├── [ 21K]  nmap2.png
│   ├── [112K]  nmap3.png
│   ├── [ 41K]  rename8.png
│   ├── [251K]  root25.png
│   ├── [3.1K]  root26.png
│   ├── [ 71K]  root27.png
│   ├── [ 30K]  user18.png
│   ├── [ 83K]  user19.png
│   ├── [5.6K]  user20.png
│   ├── [ 83K]  user21.png
│   ├── [ 12K]  user22.png
│   ├── [ 11K]  user23.png
│   └── [ 30K]  user24.png
└── [1.8K]  README.md

1 directory, 30 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.