Starting point - Vaccine

Same issue. sqlmap freezes the site up!? Anyone know a work around?

Did you get round the issue, same thing happening to me.
Type your comment> @Inigma said:

I’m having the same issue with this machine, or at least a similar issue.
Everytime I run:
sudo sqlmap -u ‘http://10.10.10.46/dashboard.php?search=a’ --cookie=“PHPSESSID=” --os-shell
It starts to timeout and then I can’t browse or do anything until the labs reset.

Sorry, my comment isn’t helpful.

@sa1lor unfortunately not. I just moved on to the next lab and forgot about this one tbh.

I’m having the same problem trying the sqlmap injection. Any ideas?

join "–time-sec 10 " and retry

same issue, GET parameter ‘search’ might not be injectable, all tested parameters do not aapear to be injectable

Type your comment> @Taurin said:

same issue, GET parameter ‘search’ might not be injectable, all tested parameters do not aapear to be injectable

Either you did not set the cookie parameter in sqlmap (you are being redirected to login page) or the HTTP server is stuck. It gets stuck always after someone tries to get os-shell there.

Found the best way to get the os-shell was to use burp with intercept mode on right from the login page; On the first packet which passes the PHPSESSION copy that into your sqlmap command and run it, I ran mine with --level 2 and --risk 2.

Once it was running then forward all the packets and then sqlmap responded correctly.

I finally rooted with the help of this thread and the Python script referenced within the thread: Machine name: vaccine stuck on getting SQL code execution shell - Machines - Hack The Box :: Forums

Type your comment> @Proelia said:

I’m following the walkthrough for “Vaccine” and when it says browse to port 80, I enter the IP (10.10.10.46) into firefox and it times out.

The machine has been restarted during the time I have been trying, am I missing something stupid?

Hey All - having the same issue with this one. Was there ever any solution or should I just leave it and move on to another? Thanks

Hello everyone.
I am having the same issue when trying to load the website from the Vaccine machine.
It just times out and when I use --reason with nmap i see the service has a no-response

Facing same issue of website timing out.
How to reset the box?

I have the same issue.

Same issue here aswell.

Same for me.

Same here, could we reset this device, please?

a restart would be good. I can ping the box but not connect to the web server

vote to reset the labs guys, its doing the same for me also :frowning:

I cant even navigate to the webpage. times out every time. And yes, I’m connected to the vpn. Had this issue a couple weeks ago, gave up - decided to try again as it seems like a fun challenge - but i cant connect

I’ve got the same issue. It seems to have something to do with sqlmap: I could access the website via the browser and can run sqlmap without the --os-shell flag. This works fine but when I tried to run sqlmap with --os-shell t times out and the website isn’t accessible any more…? Only on the next day I (after reset of the machine I think) I can access again. Does someone got an explanation for this?