Hello,
Relative Android newbie here but known Kali for a while, speaking of which, I am doing my OSCP at the moment and this is where my question comes from. When on the road, I would love to be able to connect to the PWK labs from my Nexus 7 and crack some machines but have the following problem:-
I copied my lab-configuration files from my Kali box at home to my Nethunter 3 chroot.
From Kali terminal on my Nethunter 3, I launch # openvpn lab-configuration.conf
and after entering a username and password, I connect successfully.
I run # ifconfig and sure enough, tap0 shows up with the correct IP address.
I run # route -n and everything shows up as follows (lab subnet replaced with x and home subnet replaced with y)
Code:
Destination Gateway Genmask Flags Metric Ref Use Iface
10.70.70.0 192.168.x.1 255.255.255.0 UG 0 0 0 tap0
192.168.y.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
192.168.x.0 0.0.0.0 255.255.254.0 U 0 0 0 tap0
Confirmed with an Offsec admin and this output should be fine with the labs.
However, if I try # traceroute 10.70.70.z (the ip of my lab config panel) then it goes to my LAN gateway (192.168.y.1) and immediately wonders off into the realm of my ISP and fails.
Same again for # traceroute 192.168.x.1 or any of the machines in the lab via # traceroute 192.168.x+1.z is returned by my ISP and not a tap0 related IP.
The Offsec admin and I concluded that even though tap0 was showing up both in Kali Terminal and also the Nethunter app as a valid interface, no traffic was actually being routed over it.
Further research shows that Android has favoured tun connections for vpn over tap (as far as I can find, Android's VPN API does not include tap) and I was unable to locate an Android OpenVPN client that supported tap from the Google Play Store.
My lab-connection.conf file reads as follows (and lab-connection.pem sits in the same directory)
Code:
client
dev tap
proto udp
rport xyz
remote aaa.bbb.ccc.ddd
resolv-retry infinite
nobind
persist-key
persist-tun
ca lab-connection.pem
auth-user-pass
comp-lzo
As I am only a client, I have no control over the lab VPN and must follow the settings they give me.
For reference, I am using a Nexus 7 2012 wifi model with the latest version of Lollipop (re-downloaded a couple of weeks ago for my full wipe and subsequent upgrade from Nethunter 2 to Nethunter 3).
As it seems a bit illogical that an offshoot of an Offensive Security product is not compatible with their most promoted product, could somebody please help me find a way to connect my Nethunter 3 install to the PWK labs?