Starting Point machine [Vaccine]

edited March 2020 in Machines

I follow the tutorial and at one point it says to use sqlmap with --os-shell

The problem is that the machine has postgrest> 8.2 and that feature is not supported.

How do you continue with the tutorial? wait several hours to see if after rebooting it was fixed but it remains the same.

Comments

  • Getting this same error now, and we just reset the machines today!

  • Hi, i am reading the tutorial.
    How do you get the password for the ftpuser user? are you using brute force?

  • aboutblank retrace your steps in 'Oopsie' there was a folder you didn't look in when you got the root hash.

  • edited March 2020

    can confirm Vaccine was restored and I was able to get a shell.

    Edit: I have not been able to get another shell since I posted this. The tool times out after a few seconds of use, always in the same spot. I am forced to start over each time.

  • I've had this issue too, I was able to get in twice, once on the EU and US servers. Once in I get to the vi step but the whole thing bugs out and dies. Ever since, I haven't been able to get in.

    I have since moved on and completed other Starting Point Machines, but it bugs me that I know what I have to do but the script fails.

    Arrexel

  • I'm having the same issue. Its the only machine I'm missing.

    Is there a way to reset the machines?

    I'm not sure if I have to finish all machine in starting point to move to the other network.

  • Type your comment> @pl4g4 said:

    I'm having the same issue. Its the only machine I'm missing.

    Is there a way to reset the machines?

    I'm not sure if I have to finish all machine in starting point to move to the other network.

    No. You can move on. You just have to switch your VPN on the access page to one that doesn't say, "Starting Point"

    I have since moved on.

    Arrexel

  • I managed to resolve this issue by updating sqlmap:

    apt-get install --only-upgrade sqlmap

    nephilim13

  • once you've decrypted the backup.zip you have everything you need to finish this one. You can ssh in with the postgres credential and privesc from there.

  • For those stuck, I finally rooted with the help of this thread and the post about the Python script within it: https://forum.hackthebox.eu/discussion/3039/machine-name-vaccine-stuck-on-getting-sql-code-execution-shell

  • I stuck at the last step.. At the beginning it was successfully connected to reverse shell and I reached step with pg_hba.conf but while I've been messing with vim (didn't really get it, do I have to write down :!/bin/bash to the file?) the session was terminated a few times, and now I can't connect to shell, it's always like this: https://i.gyazo.com/e017f850cb5acffcb437a4a03c94d50c.png and there's nothing on nc

Sign In to comment.