Official SolarLab Discussion

This machine does work!, tried multiple VPNs, reviewed every character in the payload. and I don’t receive the rs.
only the redirect works
im sick of this, ■■■■

finally got a revshell after several hours, don’t know why didn’t work…
Is it normal that if launch a winPEASx64.exe (the system tells me it’s x64 architecture) nothing happens and the revshell freezes…?

nevermind, I had to wait for it to fully finish before printing results.

Did you have to do anything different? I keep getting the same error 500, but i’ve tried the rev powershell base64 with no joy.

1 Like

never mind, i managed to find the issue, if anyone else is having the issue really look and i mean look i was missing a ’ and that was it had one at the start but not the end! 3 hours for a poxy ’ lol

1 Like

the poc never work past the “curl IP”
I finally tried manually, it didn’t work at first, but probably because I kept on being loggout plus probably a ’ or ) missing or not using a base-encoding…
then I got it but too many variables…

can anyone help me ? after getting a revshell, I’m stuck at the port forwarding part

  • launched the chisel server on my side
  • download chisel windows version on remote machine
  • launched the chisel client command on solarlab but nothing in the output, no connection back to server…

Glad you worked it out!

please can u help me, i have intercept the poc, but can’y receive the shell back

Hello
please can u help me with this poc ?

hi @RumADay : big thanks for saving my 3rd day of wondering ‘why I still see status 500…’ :wink:

moving forward to root.txt :wink:

AMAZING BOX!!!

Rooted!
Very fun box and learned quite a few new techniques and technolgies. Very entertaining.
I am free for DMs on Discord if anyone needs any help!

What is happen to the box!?
Is it just for me that I can’t get revshell connection anymore…

Just yesterday get the revshell and user flag but today trying to get revshell again but can’t get any back… Is anybody experiencing same problem??

Whatever I solved the problem… My ip changed and I didnt realise that so when change the revhsell code with the right ip adress get call back

Hi, I managed to finish ‘solarlab’ but I have a question about the openfire CVE-2023-32315 exploit. I personally used the exploit downloaded from github but from what I noticed Metasploit also has this exploit in its equipment. Does anyone know how to configure proxychain so that the exploit from metasploit can be used? When running ‘proxychains msfconsole’ and trying to run the exploit I received errors. Unfortunately I was not able to bypass this and I am very curious how to configure proxychain and chisel so that it works with metasploit.

I can’t even get the initial foothold