Codo Notes & Methodology

Start Here: Service Discovery

This includes my mistakes, reasoning, and rabbit holes — it’s not the most direct way to solve the box!

Findings

Vulnerabilities and Suggested Remediation

Codoforum uses weak, default credentials (admin:admin)
- Change credentials to be strong and non-default
Codoforum version is vulnerable to RCE by CVE-2022-31854
- Update Codoforum version
Root password is weak and exposed in the application’s config.php
- The root password should be unique and complex

Credentials

admin:admin (http://$IP/admin default credentials)
root:FatPanda123 (discovered in /var/www/html/sites/default/config.php)

Flags

/root/proof.txt: a90f47b544fbb19e56ca100dd358be

OSCP Note Template and Runbooks

This is my checklist of commands and methodologies to use while taking the OSCP. Feel free to use, adapt for your own use, or open a PR with suggestions!

Clone this site’s repo, open ‘content’ in Obsidian, and copy the template’s directory for each machine
Start with ‘Service Discovery’ and move between the other pages as applicable

Veilcat

Explorer

Latest

OSCP 🐲

Medjed

OSCP Note Template and Runbooks

Codo

Codo Notes & Methodology

Start Here: Service Discovery

Findings

Vulnerabilities and Suggested Remediation

Credentials

Flags

OSCP Note Template and Runbooks

Service Enumeration

Privilege Escalation

Service Discovery

Graph View

Table of Contents

Backlinks