no access to remote machines after connecting

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • devopn
    Junior Member
    • Oct 2024
    • 4

    no access to remote machines after connecting

    Hello guys, i need your help. I use openvpn with my own server and it's work(as a proxy). But when i try to use it with foreign configs i cant access machines in these networks. For example HackTheBox or TryHackMe. I get some packets, but most of them're lost! It looks random and i dont know how fix it. I trying to fix it myself for a while, but i tryed all that i know. Please help me.
    How i connect
    Code:
    vicpel@cracker:~/Downloads $ sudo openvpn tryhackme.ovpn      
    2024-10-27 23:00:02 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
    2024-10-27 23:00:02 OpenVPN 2.5.11 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 17 2024
    2024-10-27 23:00:02 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
    2024-10-27 23:00:02 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    2024-10-27 23:00:02 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
    2024-10-27 23:00:02 TCP/UDP: Preserving recently used remote address: [AF_INET]52.16.156.56:1194
    2024-10-27 23:00:02 Socket Buffers: R=[212992->212992] S=[212992->212992]
    2024-10-27 23:00:02 UDP link local: (not bound)
    2024-10-27 23:00:02 UDP link remote: [AF_INET]52.16.156.56:1194
    2024-10-27 23:00:02 TLS: Initial packet from [AF_INET]52.16.156.56:1194, sid=ba0b7fab bcc7ce51
    2024-10-27 23:00:02 VERIFY OK: depth=1, CN=ChangeMe
    2024-10-27 23:00:02 VERIFY KU OK
    2024-10-27 23:00:02 Validating certificate extended key usage
    2024-10-27 23:00:02 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    2024-10-27 23:00:02 VERIFY EKU OK
    2024-10-27 23:00:02 VERIFY OK: depth=0, CN=server
    2024-10-27 23:00:03 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1585', remote='link-mtu 1601'
    2024-10-27 23:00:03 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
    2024-10-27 23:00:03 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
    2024-10-27 23:00:03 [server] Peer Connection Initiated with [AF_INET]52.16.156.56:1194
    2024-10-27 23:00:04 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    2024-10-27 23:00:04 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,route-gateway 10.23.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.23.35.12 255.255.0.0,peer-id 66'
    2024-10-27 23:00:04 OPTIONS IMPORT: timers and/or timeouts modified
    2024-10-27 23:00:04 OPTIONS IMPORT: --ifconfig/up options modified
    2024-10-27 23:00:04 OPTIONS IMPORT: route options modified
    2024-10-27 23:00:04 OPTIONS IMPORT: route-related options modified
    2024-10-27 23:00:04 OPTIONS IMPORT: peer-id set
    2024-10-27 23:00:04 OPTIONS IMPORT: adjusting link_mtu to 1624
    2024-10-27 23:00:04 Using peer cipher 'AES-256-CBC'
    2024-10-27 23:00:04 Data Channel: using negotiated cipher 'AES-256-CBC'
    2024-10-27 23:00:04 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
    2024-10-27 23:00:04 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
    2024-10-27 23:00:04 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
    2024-10-27 23:00:04 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
    2024-10-27 23:00:04 net_route_v4_best_gw query: dst 0.0.0.0
    2024-10-27 23:00:04 net_route_v4_best_gw result: via 10.60.25.1 dev wlp1s0
    2024-10-27 23:00:04 ROUTE_GATEWAY 10.60.25.1/255.255.255.0 IFACE=wlp1s0 HWADDR=50:5a:65:51:51:df
    2024-10-27 23:00:04 TUN/TAP device tun0 opened
    2024-10-27 23:00:04 net_iface_mtu_set: mtu 1500 for tun0
    2024-10-27 23:00:04 net_iface_up: set tun0 up
    2024-10-27 23:00:04 net_addr_v4_add: 10.23.35.12/16 dev tun0
    2024-10-27 23:00:04 net_route_v4_add: 10.10.0.0/16 via 10.23.0.1 dev [NULL] table 0 metric 1000
    2024-10-27 23:00:04 Initialization Sequence Completed[B][/B]
    After that i had this interface
    Code:
    docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
            ether 02:42:52:e3:4e:3b  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    
    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            inet6 ::1  prefixlen 128  scopeid 0x10<host>
            loop  txqueuelen 1000  (Local Loopback)
            RX packets 907935  bytes 86612941 (86.6 MB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 907935  bytes 86612941 (86.6 MB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    
    tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
            inet 10.23.35.12  netmask 255.255.0.0  destination 10.23.35.12
            inet6 fe80::1253:7ee2:1def:b209  prefixlen 64  scopeid 0x20<link>
            unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 85  bytes 5040 (5.0 KB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    
    wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 10.60.25.14  netmask 255.255.255.0  broadcast 10.60.25.255
            inet6 fe80::3b24:d1b0:956c:cd9f  prefixlen 64  scopeid 0x20<link>
            ether 50:5a:65:51:51:df  txqueuelen 1000  (Ethernet)
            RX packets 463294  bytes 164898054 (164.8 MB)
            RX errors 0  dropped 359  overruns 0  frame 0
            TX packets 1070051  bytes 1342672990 (1.3 GB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0​
    I thinked that tun0 10.10.10.10 are collised with wlp1s0, but i had not enough experience to research it.
    After connect tryhackme say that i have connected

    Click image for larger version

Name:	image.png
Views:	30
Size:	60.9 KB
ID:	471​​

    But when i try to ping some machines i get no response

    Click image for larger version

Name:	image.png
Views:	22
Size:	262.5 KB
ID:	472
    TryHackMe just an example. I have similar issues with HackTheBox and always when i try connect to diff network.


    I would be extremely grateful if you could help me figure out the problem!
  • devopn
    Junior Member
    • Oct 2024
    • 4

    #2
    ip route
    Code:
    default via 192.168.174.67 dev wlp1s0 proto dhcp metric 600
    10.9.0.0/16 dev tun0 proto kernel scope link src 10.9.1.213
    10.10.0.0/16 via 10.9.0.1 dev tun0 metric 1000
    169.254.0.0/16 dev docker0 scope link metric 1000 linkdown
    172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
    192.168.174.0/24 dev wlp1s0 proto kernel scope link src 192.168.174.144 metric 600

    Comment

    Working...
    😀
    😂
    🥰
    😘
    🤢
    😎
    😞
    😡
    👍
    👎