Broken Kali Virtual Machine

Hello everyone.
Since yesterday I think my Kali VM is kinda broken.
Let me explain it :
VPN is still working : I can ping machines, access websites of machines etc…

First problem I encountered :
I could not connect to machines through SSH anymore. One fix I found was to add MACs hmac-sha1 to my ssh_config file in /etc/ssh. Now I can connect through SSH.
Second problem :
I cannot access my VM from HTB machines. I used to get files from my VM (like everyone else) with a python server running on my VM. Doing curl http://<my_ip>:8000/linpeas.sh the file was downloading and it displayed the script. Now when I’m doing the curl it is loading indefinitely…

All theses problems appeared suddenly I did not modify anything on my VM (Kali 2020).
Which is weird is that it is doing the same thing on another VMs (Kali 2021). I think it may be my internet settings on the host or my modem but can’t point the real problem.
Do you have an idea ?
Thanks.

@seniuus said:

First problem I encountered :
I could not connect to machines through SSH anymore. One fix I found was to add MACs hmac-sha1 to my ssh_config file in /etc/ssh. Now I can connect through SSH.

Thats a little bit strange - its a not a brand new cipher. If it was a problem, it should have been a problem for quite some time.

Second problem :
I cannot access my VM from HTB machines. I used to get files from my VM (like everyone else) with a python server running on my VM. Doing curl http://<my_ip>:8000/linpeas.sh the file was downloading and it displayed the script. Now when I’m doing the curl it is loading indefinitely…

This implies something is preventing the connection. I’d normally suggest a firewall or AV tool was intercepting the traffic and dropping it.

This could be at the host, on your switch/router or anything else in the traffic stream.

All theses problems appeared suddenly I did not modify anything on my VM (Kali 2020).
Which is weird is that it is doing the same thing on another VMs (Kali 2021). I think it may be my internet settings on the host or my modem but can’t point the real problem.
Do you have an idea ?
Thanks.

If it happened suddenly then something has changed. It could be an update on your host oS, a change to your host OS’s av, an update to VMWare etc.

If it is more than one VM, it is almost certainly something on the host or the VMware tool.

@TazWake said:

Thats a little bit strange - its a not a brand new cipher. If it was a problem, it should have been a problem for quite some time.

This implies something is preventing the connection. I’d normally suggest a firewall or AV tool was intercepting the traffic and dropping it.

This could be at the host, on your switch/router or anything else in the traffic stream.

I’ve tested on another computer and everything works fine. It seems the one I’m using daily have something changed suddenly which blocks a lot of thing… hmmm
SSH thing is also related (working fine on the other computer)

@seniuus said:

I’ve tested on another computer and everything works fine. It seems the one I’m using daily have something changed suddenly which blocks a lot of thing… hmmm
SSH thing is also related (working fine on the other computer)

That means it is almost certainly something that has changed on that computer.

Thanks for your help :slight_smile:

EDIT : Well I’m not sure anymore… I just installed a windows VM on my current computer and it works perfectly I can ssh (with linux subsystem) perfectly and access my python server.
So it seems to be coming from my kali VMs…

SOLUTION :
I found a solution doing this : sudo ifconfig tun0 mtu 1200 it solved the SSH problem and the curl problem. I cannot explain why it solves it though…

I was having difficulty getting my browsers to connect to HTB machines, even though I could wget, nmap, ping, et al with no problems. So I could wget 10.10.10.28/index.html but I coudn’t navigate to http://10.10.10.28 or http://10.10.10.28/index.html with any browser, even using a proxy like burpsuite. This fixed my problem! Thanks! Seems to be an issue with VMware and either kali2021 or rolling upgrade from kali 2020.4

@seniuus said:
… solution … sudo ifconfig tun0 mtu 1200

You may benefit from this article Setting correct MTU for OpenVPN

It describes using ping to discover mtu, as well as the appropriate MSS ( = mtu-40).