The Reverse Shell Loop Me Back

I practicing my hacking skills on the JIS-CTF virtual machine taken from VulnHub. The machine is very easy to hack, however I have problem to get a fully functional reverse shell.
The attacking machine is my phisical machine with Parrot system and the victim machine is the JIS-CTF on the virtualbox environment.
There are 5 flags in total and I found 2 of them. The remaining 3 are to find through privilege escalation and therefore accessing with a reverse shell.
The network setup on virtualbox is host-only but when I tried to have a reverse shell with netcat or metasploit it doesn’t work.
On metasploit is not working and on netcat the reverse shell come back to me on my same attacking machine (it’s like I hacks my self).
I change the network setup on virtualbox with the first adapter on host-only and second adapter with NAT (I tried that setup first on another virtual machine with virtualbox and they can ping eachother). I swicth off the firewall of Parrot system as well. I triple check the PHP file to upload to have a reverse shell with my IP address. Unfortunately, I get the same result.
A reverse shell that hacks my self and not the victim machine.
Any help is super usefull