I can connect to the vpn but can't access the machine

Raggamuffin · March 24, 2023, 5:29am

I can connect to the VPN but cannot connect to the hack the box machine.
I have sent a ping but there is no response.

B
└─$ sudo openvpn Raggamuffin.ovpn
2023-03-24 00:18:39 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless “allow-compression yes” is also set.
2023-03-24 00:18:39 Note: --data-cipher-fallback with cipher ‘AES-128-CBC’ disables data channel offload.
2023-03-24 00:18:39 OpenVPN 2.6.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-03-24 00:18:39 library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
2023-03-24 00:18:39 Outgoing Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-03-24 00:18:39 Incoming Control Channel Authentication: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-03-24 00:18:39 TCP/UDP: Preserving recently used remote address: [AF_INET]43.249.38.1:1337
2023-03-24 00:18:39 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-03-24 00:18:39 UDPv4 link local: (not bound)
2023-03-24 00:18:39 UDPv4 link remote: [AF_INET]43.249.38.1:1337
2023-03-24 00:18:39 TLS: Initial packet from [AF_INET]43.249.38.1:1337, sid=6466d346 6a7db67d
2023-03-24 00:18:40 VERIFY OK: depth=1, C=UK, ST=City, L=London, O=HackTheBox, CN=HackTheBox CA, name=htb, emailAddress=info@hackthebox.eu
2023-03-24 00:18:40 VERIFY KU OK
2023-03-24 00:18:40 Validating certificate extended key usage
2023-03-24 00:18:40 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-03-24 00:18:40 VERIFY EKU OK
2023-03-24 00:18:40 VERIFY OK: depth=0, C=UK, ST=City, L=London, O=HackTheBox, CN=htb, name=htb, emailAddress=info@hackthebox.eu
2023-03-24 00:18:40 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA1
2023-03-24 00:18:40 [htb] Peer Connection Initiated with [AF_INET]43.249.38.1:1337
2023-03-24 00:18:40 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-03-24 00:18:40 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-03-24 00:18:40 PUSH: Received control message: 'PUSH_REPLY,route 10.10.10.0 255.255.254.0,route 10.129.0.0 255.255.0.0,route-ipv6 dead:beef::/64,tun-ipv6,route-gateway 10.10.14.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 dead:beef:2::100e/64 dead:beef:2::1,ifconfig 10.10.14.16 255.255.254.0,peer-id 10,cipher AES-256-CBC’2023-03-24 00:18:40 OPTIONS IMPORT: timers and/or timeouts modified
2023-03-24 00:18:40 OPTIONS IMPORT: --ifconfig/up options modified
2023-03-24 00:18:40 OPTIONS IMPORT: route options modified
2023-03-24 00:18:40 OPTIONS IMPORT: route-related options modified
2023-03-24 00:18:40 OPTIONS IMPORT: peer-id set
2023-03-24 00:18:40 OPTIONS IMPORT: data channel crypto options modified
2023-03-24 00:18:40 net_route_v4_best_gw query: dst 0.0.0.0
2023-03-24 00:18:40 net_route_v4_best_gw result: via 192.168.3.1 dev eth0
2023-03-24 00:18:40 ROUTE_GATEWAY 192.168.3.1/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:c7:e1:36
2023-03-24 00:18:40 GDG6: remote_host_ipv6=n/a
2023-03-24 00:18:40 net_route_v6_best_gw query: dst ::
2023-03-24 00:18:40 net_route_v6_best_gw result: via fe80::aed1:b8ff:fe8f:956a dev eth0
2023-03-24 00:18:40 ROUTE6_GATEWAY fe80::aed1:b8ff:fe8f:956a IFACE=eth0
2023-03-24 00:18:40 TUN/TAP device tun0 opened
2023-03-24 00:18:40 net_iface_mtu_set: mtu 1500 for tun0
2023-03-24 00:18:40 net_iface_up: set tun0 up
2023-03-24 00:18:40 net_addr_v4_add: 10.10.14.16/23 dev tun0
2023-03-24 00:18:40 net_iface_mtu_set: mtu 1500 for tun0
2023-03-24 00:18:40 net_iface_up: set tun0 up
2023-03-24 00:18:40 net_addr_v6_add: dead:beef:2::100e/64 dev tun0
2023-03-24 00:18:40 net_route_v4_add: 10.10.10.0/23 via 10.10.14.1 dev [NULL] table 0 metric -1
2023-03-24 00:18:40 net_route_v4_add: 10.129.0.0/16 via 10.10.14.1 dev [NULL] table 0 metric -1
2023-03-24 00:18:40 add_route_ipv6(dead:beef::/64 → dead:beef:2::1 metric -1) dev tun0
2023-03-24 00:18:40 net_route_v6_add: dead:beef::/64 via :: dev tun0 table 0 metric -1
2023-03-24 00:18:40 Data Channel: using negotiated cipher ‘AES-256-CBC’
2023-03-24 00:18:40 Outgoing Data Channel: Cipher ‘AES-256-CBC’ initialized with 256 bit key
2023-03-24 00:18:40 Outgoing Data Channel: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-03-24 00:18:40 Incoming Data Channel: Cipher ‘AES-256-CBC’ initialized with 256 bit key
2023-03-24 00:18:40 Incoming Data Channel: Using 256 bit message hash ‘SHA256’ for HMAC authentication
2023-03-24 00:18:40 Initialization Sequence Completed

As a result of ping

└─$ ping 10.10.11.194
PING 10.10.11.194 (10.10.11.194) 56(84) bytes of data.
^C
— 10.10.11.194 ping statistics —
133 packets transmitted, 0 received, 100% packet loss, time 135173ms

zen872 · January 12, 2024, 11:30pm

I’m having the same issue with the devel machine. The vpn works fine, I can ping the gateway, but no nmap command works on the target, traceroute stops at the gateway. I’ve also tried the pwnbox, changed files+servers, reset the target machine and it’s not working. I got vip which means I should have access to it, I don’t know what to do at this point. THM works seamlessly compared to this.

DaddyBigFish · January 13, 2024, 4:12pm

I’m sure you need to disable all other VPN services you might have running. You can only use 1 VPN that is the VPN file provided by Hack the Box.

Not sure if that’s what you are experiencing?

DaddyBigFish · January 13, 2024, 4:16pm

Where is this IP from? Try typing “ ip -a “ to see the tun01 IP address.

Stevewarrior · January 20, 2024, 8:11pm

I’m having the same issue.