VPN Setup

Once you have setup your attacker environment it’s time to get connected to the HTB VPN.

Quickstart

The quickest way to get conneceted is to simply download your .ovpn file from the Access section, open your terminal within the download directory and connect with the command:

openvpn yourusername.ovpn

Make sure you substitute yourusername for the name of your .ovpn file which by default uses your HTB username. Mine is sabebarker.ovpn for example.

If you connect successfully you will see a bunch of output with the last line being something like:

Initialization Sequence Completed

That’s it! you are now connected to the HTB VPN.

I personally like to have my VPN connection setup as a service and have it connect at boot. I use a virtual machine specifically for HTB so when I boot it up I want it connected. Let’s take a look at how to do that.

Run as a service

Let’s assume you are using a Debian based system such as Kali or Parrot and that you are running as root. If you are using a different distro then you will need to lookup how to setup a VPN. Your favourite search engine should do the trick.

Check for Conflicts

First off, if you used the openvpn yourusername.ovpn command above you will need to do CTRL + c in the terminal window or if you closed the terminal window run the command:

ps -aux | grep openvpn

If openvpn is still running you will see an output such as:

root 12142 0.0 0.3 12348 7468 ? S 22:46 0:00 openvpn yourusername.ovpn

If there is an openvpn process that is using your HTB .ovpn file you will need to kill the process by running the command:

kill -9 12142

Be sure to replace 12142 with the PID of your running process shown in your output.

Now we have cleaned up that mess let’s move on.

Service Configuration

From your download location that you chose above move the .ovpn file to your openvpn directory changing the filename to yourusername.conf:

mv yourusername.ovpn /etc/openvpn/yourusername.conf

To start the service we do:

systemctl start openvpn@yourusername.service

If for any reason we need to restart the service like when we are having connection issues we can do:

systemctl restart openvpn@yourusername.service

And to stop the service, yep you guessed it:

systemctl stop openvpn@yourusername.service

Once the service is started you can check it’s status with:

systemctl status openvpn@yourusername.service

Your output should look something like this:

● openvpn@yourusername.service - OpenVPN connection to yourusername
     Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: disabled)
     Active: active (running)
   Main PID: 823 (openvpn)
     Status: "Initialization Sequence Completed"

Now if you check your network configuration you should see your HTB IP address:

ip a
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none 
    inet 10.10.X.X/23 brd 10.10.15.255 scope global tun0
       valid_lft forever preferred_lft forever

Make sure you always keep note of your IP as you will be using it alot :)

Autostart on Boot

If you would like to enable the service on boot you can run the command:

systemctl enable openvpn@yourusername.service

On success you should see the output:

Created symlink /etc/systemd/system/multi-user.target.wants/openvpn@yourusername.service → /lib/systemd/system/openvpn@.service.

That’s it! You are up and running.

Hack The Box