Can't ping nor nmap any active machines

Hello,

I’m currently trying to do machines again and went back to my account. I successfully connected to the HTB VPN through openvpn, but I can’t do any nmap commands on Laboratory, currently active machine. Or any other machines.

It’s 100% a problem on my side as I can’t do any nmap probing or pings on another website that I use.

So my command is; “sudo nmap -sV -O -T5 -p- 10.10.10.216” and even if I just remove everything and just go “nmap 10.10.10.216”, same error message;

“Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-21 21:39 CET
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.43 seconds”

I’ve seen multiple messages on this forum already but it’s only because they’ve been trying to use retired machines. But Laboratory is an active one.

I already tried re-downloading my connection pack, changing servers from EU to US but nope, didn’t work.

Thanks for your help!

Edit: I’ve also tried changing network card, reinstalling Kali 2021.1 and changing network in general (just connected to another router) and still nope.

@d3dZerg said:

Hello,

Hi.

I’m currently trying to do machines again and went back to my account. I successfully connected to the HTB VPN through openvpn, but I can’t do any nmap commands on Laboratory, currently active machine. Or any other machines.

Ok - first question, are you on a VIP/VIP+ account?

When you connect via VPN, have you tried running traceroute to the server?

It is failing if you try to nmap non-HTB machines? (such as your host or router)

It’s 100% a problem on my side as I can’t do any nmap probing or pings on another website that I use.

So my command is; “sudo nmap -sV -O -T5 -p- 10.10.10.216” and even if I just remove everything and just go “nmap 10.10.10.216”, same error message;

“Starting Nmap 7.91 ( https://nmap.org ) at 2021-03-21 21:39 CET
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.43 seconds”

Lots of CTF boxes reject ping probes. From memory, its happened on a few HTB boxes but I tend to run -Pn by default now. Its a CTF so I dont need to do asset discovery.

I’ve seen multiple messages on this forum already but it’s only because they’ve been trying to use retired machines. But Laboratory is an active one.

Active boxes still need to be “started” if you are VIP/VIP+.

Networking issues seem to be really common in the last month or two. I don’t know if it is because Kali/Parrot have done something differently or what.

Generally, the best things to check are traceroute or manually craft some traffic to see where the issue is. It can range from things like your VM/Host configuration having some obscure security policy in place which drops it, all the way to network/route tables being corrupted.

I am not VIP/VIP+, and I didn’t do a traceroute so here it is;

“traceroute to 10.10.10.216 (10.10.10.216), 30 hops max, 60 byte packets
1 xxxxxx.home (192.168.1.1) 3.961 ms 3.893 ms 3.839 ms
2 * * *
3 * * *
4 * * *
5 * * *
[…]
28 * * *
29 * * *
30 * * *”

Sooooo likely my own network that’s f***ing up with me. Good to know ^^

-Pn doesn’t really work because it tells me that;

“Nmap scan report for 10.10.10.216
Host is up.
Skipping host 10.10.10.216 due to host timeout
Nmap done: 1 IP address (1 host up) scanned in 900.21 seconds”

I’m gonna see what I can do with my router(s). Thanks a lot for your help.

@d3dZerg said:

I am not VIP/VIP+, and I didn’t do a traceroute so here it is;

“traceroute to 10.10.10.216 (10.10.10.216), 30 hops max, 60 byte packets
1 xxxxxx.home (192.168.1.1) 3.961 ms 3.893 ms 3.839 ms
2 * * *
3 * * *
4 * * *
5 * * *
[…]
28 * * *
29 * * *
30 * * *”

Sooooo likely my own network that’s f***ing up with me. Good to know ^^

-Pn doesn’t really work because it tells me that;

“Nmap scan report for 10.10.10.216
Host is up.
Skipping host 10.10.10.216 due to host timeout
Nmap done: 1 IP address (1 host up) scanned in 900.21 seconds”

I’m gonna see what I can do with my router(s). Thanks a lot for your help.

You aren’t on the VPN, or if you are, the route hasn’t been updated.

The traffic is going to 192.168.1.1 which means it isn’t going down the tunnel.

Going off Taz’s response, your computer is hitting your gateway (192.168.1.1) to attempt to hit the 10x network, so your VPN traffic doesn’t appear to be taking the right path.

Going off the command syntax, looks like you are running Linux. When you connect to the VPN via openvpn, issue the command ifconfig tun0 and paste the output.

Another command to issue and paste the output is netstat -rn which will display your routing table and not resolve hostnames.

If you are running this in a VM, double check your network setup in the hypervisor to see if there are any rules or network setup that would prevent egress traffic. Check in your VM to see if it’s an iptables or UFW issue.