no access to remote machines after connecting

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • devopn
    Junior Member
    • Oct 2024
    • 4
    #1

    no access to remote machines after connecting

    Hello guys, i need your help. I use openvpn with my own server and it's work(as a proxy). But when i try to use it with foreign configs i cant access machines in these networks. For example HackTheBox or TryHackMe. I get some packets, but most of them're lost! It looks random and i dont know how fix it. I trying to fix it myself for a while, but i tryed all that i know. Please help me.
    How i connect
    Code:
    vicpel@cracker:~/Downloads $ sudo openvpn tryhackme.ovpn      
2024-10-27 23:00:02 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-10-27 23:00:02 OpenVPN 2.5.11 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 17 2024
2024-10-27 23:00:02 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2024-10-27 23:00:02 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2024-10-27 23:00:02 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2024-10-27 23:00:02 TCP/UDP: Preserving recently used remote address: [AF_INET]52.16.156.56:1194
2024-10-27 23:00:02 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-10-27 23:00:02 UDP link local: (not bound)
2024-10-27 23:00:02 UDP link remote: [AF_INET]52.16.156.56:1194
2024-10-27 23:00:02 TLS: Initial packet from [AF_INET]52.16.156.56:1194, sid=ba0b7fab bcc7ce51
2024-10-27 23:00:02 VERIFY OK: depth=1, CN=ChangeMe
2024-10-27 23:00:02 VERIFY KU OK
2024-10-27 23:00:02 Validating certificate extended key usage
2024-10-27 23:00:02 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-10-27 23:00:02 VERIFY EKU OK
2024-10-27 23:00:02 VERIFY OK: depth=0, CN=server
2024-10-27 23:00:03 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1585', remote='link-mtu 1601'
2024-10-27 23:00:03 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
2024-10-27 23:00:03 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2024-10-27 23:00:03 [server] Peer Connection Initiated with [AF_INET]52.16.156.56:1194
2024-10-27 23:00:04 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2024-10-27 23:00:04 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,route-gateway 10.23.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.23.35.12 255.255.0.0,peer-id 66'
2024-10-27 23:00:04 OPTIONS IMPORT: timers and/or timeouts modified
2024-10-27 23:00:04 OPTIONS IMPORT: --ifconfig/up options modified
2024-10-27 23:00:04 OPTIONS IMPORT: route options modified
2024-10-27 23:00:04 OPTIONS IMPORT: route-related options modified
2024-10-27 23:00:04 OPTIONS IMPORT: peer-id set
2024-10-27 23:00:04 OPTIONS IMPORT: adjusting link_mtu to 1624
2024-10-27 23:00:04 Using peer cipher 'AES-256-CBC'
2024-10-27 23:00:04 Data Channel: using negotiated cipher 'AES-256-CBC'
2024-10-27 23:00:04 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2024-10-27 23:00:04 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2024-10-27 23:00:04 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2024-10-27 23:00:04 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2024-10-27 23:00:04 net_route_v4_best_gw query: dst 0.0.0.0
2024-10-27 23:00:04 net_route_v4_best_gw result: via 10.60.25.1 dev wlp1s0
2024-10-27 23:00:04 ROUTE_GATEWAY 10.60.25.1/255.255.255.0 IFACE=wlp1s0 HWADDR=50:5a:65:51:51:df
2024-10-27 23:00:04 TUN/TAP device tun0 opened
2024-10-27 23:00:04 net_iface_mtu_set: mtu 1500 for tun0
2024-10-27 23:00:04 net_iface_up: set tun0 up
2024-10-27 23:00:04 net_addr_v4_add: 10.23.35.12/16 dev tun0
2024-10-27 23:00:04 net_route_v4_add: 10.10.0.0/16 via 10.23.0.1 dev [NULL] table 0 metric 1000
2024-10-27 23:00:04 Initialization Sequence Completed[B][/B]
    After that i had this interface
    Code:
    docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:52:e3:4e:3b  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 907935  bytes 86612941 (86.6 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 907935  bytes 86612941 (86.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.23.35.12  netmask 255.255.0.0  destination 10.23.35.12
        inet6 fe80::1253:7ee2:1def:b209  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 85  bytes 5040 (5.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.60.25.14  netmask 255.255.255.0  broadcast 10.60.25.255
        inet6 fe80::3b24:d1b0:956c:cd9f  prefixlen 64  scopeid 0x20<link>
        ether 50:5a:65:51:51:df  txqueuelen 1000  (Ethernet)
        RX packets 463294  bytes 164898054 (164.8 MB)
        RX errors 0  dropped 359  overruns 0  frame 0
        TX packets 1070051  bytes 1342672990 (1.3 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0​
    I thinked that tun0 10.10.10.10 are collised with wlp1s0, but i had not enough experience to research it.
    After connect tryhackme say that i have connected

    Click image for larger version Name: image.png Views: 56 Size: 60.9 KB ID: 471​​

    But when i try to ping some machines i get no response

    Click image for larger version Name: image.png Views: 37 Size: 262.5 KB ID: 472
    TryHackMe just an example. I have similar issues with HackTheBox and always when i try connect to diff network.


    I would be extremely grateful if you could help me figure out the problem!
    Tags: None
    • devopn
      Junior Member
      • Oct 2024
      • 4
      #2
      ip route
      Code:
      default via 192.168.174.67 dev wlp1s0 proto dhcp metric 600
10.9.0.0/16 dev tun0 proto kernel scope link src 10.9.1.213
10.10.0.0/16 via 10.9.0.1 dev tun0 metric 1000
169.254.0.0/16 dev docker0 scope link metric 1000 linkdown
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.174.0/24 dev wlp1s0 proto kernel scope link src 192.168.174.144 metric 600

        Comment

        Previous template Next
        Working...
        😀
        😂
        🥰
        😘
        🤢
        😎
        😞
        😡
        👍
        👎