Connecting to vpn from multiple clients using the same connection pack (.ovpn)

Hey guys,

I've been connecting to the edge-eu-free-1.hackthebox.eu vpn from my desktop just fine. I wanted to have a friend ssh into a tmux sesh on my vps so I could see if he had any ideas on one of the machines I've been trying to solve.

I scpd my connection pack to the vps, and ran it, it seemed to connect. For this machine (Bashed if it matters), there is a web shell that I have to use to create a reverse shell to my client. This worked fine on my desktop, but it refuses the connection when both of them are running.

Since the vps is headless, I can't use the webshell through the terminal, so I have to connect to it through my vpn on my desktop, while simultaneously connected to the vpn from my remote vps, listening to a certain port so the reverse shell works.

It seems like it doesn't like when I do both of these things. The reverse shell connection is rejected when I try listening on my vps. The connection will also just disappear for minutes at a time, and even though openvpn is still running, it no longer shows it as part of my network (this is for both clients, desktop and vps). However this only happens when both are running at the same time.

Trust me I tried using the webshell through w3m/elinks/etc, without javascript it doesn't work

So ya, let me know if I can provide any additional info. Basically I want a way to connect to the hackthebox vpn network from two clients independently (I would be fine with different IPs, I just want to be able to actually run two).

Thanks.

Tagged:

Comments

  • Afaik You only get one ip address. If you connect from two locations at once, that will create an address conflict and interupt communications.
  • edited April 2018
    Also, if you want to access a webshell in a browser, you can create a local socks proxy while you ssh onto your VPS. for example
    ```
    ssh [email protected] -D 9050 -I ~/.ssh/my_super_secure_id_rsa_key
    ```
  • edited April 2018
    Then change your browser proxy settings to use socks proxy 127.0.0.1:9050
  • edited April 2018
    Also, you have the option of installing a gui environment on your vps and allowing X-forwarding through ssh. Then when you type 'firefox-esr' or 'chromium' in you ssh terminal session. A gui window will open locally on linux.
    if using windows. you'd need to install an xserver agent like XMing.

    Hope this info helps.
    :wink:
  • Using effective xserver/port forwarding/tunneling, using your vps as the staging point will let you have complete controll over the number of clients you give access to.
  • 3mrgnc3 Thank you, this is all very helpful.

    I had thought of X-forwarding, but had only done minimal stuff like forwarding my vim clipboard and whatnot.

    Both of those are great ideas, I will do one of those. Thanks again.

  • I can also confirm that if you open a VPN connection more than one times using the same .ovpn file, the one endpoint will cancel the other constantly. Meaning you will keep having disconnects on both ends

    Ch4p

  • Hi, sorry for the thread resurrect. I've been allocated the same IP on two VM's with the same connection pack - as expected and mentioned by ch4p above.

    I would like to use both VM's at the same time however, one Kali (primary) and Windows 10 VM (temporary for MSSQL activities). Is this not common place, or able to occur?

  • If you do not require reverse shells on both (that you likely won't) you could connect via one of them and route traffic via NAT to the second? Just a thought, let me know if it works.

    Ch4p

  • u can make another server, connect whit VPN and make another vpn on new server an make 2 keys. and now 2 machines connect whit one key to HTB.
    But u cant use 1 key for 2 machines.

    salu2

Sign In to comment.