What traffic does the HTB VPN route?

While connected to the HTB internal network via OpenVPN, I realized that my IP while using the browser was the same as my normal IP. In other words, my browser traffic isn't going over the VPN. I suppose this is an intended feature, to prevent users from abusing the HTB VPN to bounce and hide their network traffic.

Out of curiosity though, what traffic does HTB send to the private network, and how does it discern this traffic from the rest? Since I am connected to the internal network, how does my traffic not get confused during routing? Is it only data destined for a 10.10.10.X IP that gets sent to the HTB network?

Looking at the OpenVPN config file that was provided to me, how can I tell that it is doing this? Where is the setting that defines what traffic is sent where? Is this decided upon during the handshake/connection process (provided to the client by the VPN server)?

Hack The Box

Comments

  • Don't have access to my HTB box right now but in VPN terms the feature that is used is called Split-tunnelling. This means that only routes to the external network (I think it's 10.10.10.0/24 or something, subnet might be bigger) are routed over the VPN tunnel and that the rest of the traffic like direct internet access is routed over your internal network (eth0) interface.

    You can check this yourself with route -n
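
Added example, not part of the comment above and not HTB's own tooling: the table that route -n prints is what decides, per destination, which interface a packet leaves on (longest matching prefix wins). The sketch below applies that rule to a constructed table; the addresses other than 10.10.10.0/24, the interface names and the function names are assumptions for illustration.

```python
import ipaddress

# Constructed sample of `route -n` output with a split-tunnel VPN up.
# Illustrative values only, not captured from a real HTB session.
SAMPLE_ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
10.10.10.0      10.10.14.1      255.255.255.0   UG    0      0        0 tun0
10.10.14.0      0.0.0.0         255.255.255.0   U     0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 eth0
"""

def parse_route_n(text):
    """Return a list of (network, gateway, metric, iface) from `route -n` output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows have 8 columns and start with a dotted-quad destination.
        if len(fields) != 8 or fields[0].count(".") != 3:
            continue
        dest, gw, mask, _flags, metric, _ref, _use, iface = fields
        routes.append((ipaddress.ip_network(f"{dest}/{mask}"), gw, int(metric), iface))
    return routes

def egress_for(dest_ip, routes):
    """Pick the route the kernel would use: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dest_ip)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))

def full_tunnel(routes, vpn_iface="tun0"):
    """True if the VPN interface carries a default route. OpenVPN's
    `redirect-gateway def1` does this with two /1 routes instead of 0.0.0.0/0."""
    nets = {str(r[0]) for r in routes if r[3] == vpn_iface}
    return "0.0.0.0/0" in nets or {"0.0.0.0/1", "128.0.0.0/1"} <= nets

if __name__ == "__main__":
    routes = parse_route_n(SAMPLE_ROUTE_N)
    # A lab address, a public (documentation-range) address, a LAN address.
    for ip in ("10.10.10.5", "203.0.113.10", "192.168.1.20"):
        net, gw, _metric, iface = egress_for(ip, routes)
        print(f"{ip:15} -> {iface} via {gw} (matched {net})")
    print("full tunnel:", full_tunnel(routes))
```

With this table only the 10.10.10.0/24 and tunnel-subnet destinations leave via tun0, which is why a browser's public IP is unchanged while the VPN is up.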
