Using Burp Suite in Part 3, I have tried the payload over a dozen times, and cannot get the remote shell to get the whoami and pwd answers.
I am looking for guidance/hints on how to complete this section.
Thank you.
I just ran through the lab, and Part 3 works as written:
There are many (many) parts to this attack. Can you share some screenshots of any error messages you get when you run the commands?
My main tip is to be very sure to copy ONLY the parts that need to be copied; if you add or miss anything it will not work. Also, be sure to replace in the payload with the actual IP address of the Kali desktop.
If you are really stuck, then let’s connect on Discord and we can screen share.
Thank you. I’m not getting any error messages. I was just using Burp Suite and inserting the payload to try to get a shell, and no shell appeared.
I am going to wait overnight (it seems like the labs reset overnight) to get to a “clean” lab and try again. I will let you know how it goes.
Sounds good, keep me posted!!
The labs actually reset 10 minutes after exiting - no need to wait overnight.
Thank you CalmQuail. That saved me a lot of time.
JosephWhite - I tried again. The shell will work for Victim1. I have tried multiple times and the shell won’t work for Victim2 when I use Burp Suite and replace the rememberme string.
Let’s book a time to screen share then.
What time would be convenient? (I am East Coast United States.)
You could also (if you wouldn’t mind), just let me know what the whoami and pwd results are, since the Exercise is working for you. I’ve got the concept and execution; there is something not syncing to let that last reverse shell connect.
Are you on the Cybrary Discord? I am also on the East Coast, and my afternoon is open.
I do need to see what you are doing, but yes, if you are launching the exploit correctly I will give you answers. I know deserialization exploits are tricky and I make mistakes all the time when checking that the lab is in fact working.
SOLVED - Thank you for your time! I was working through it again and realized for the payload, I needed to remove the leading b' and trailing '. The shell established successfully and I was able to get the whoami and pwd answers. We can close this issue.
Awesome, congrats!!!