Results 1 to 4 of 4

Thread: Nethunter 3 with OpenVPN tap interface with PWK - connected but not routing over it

  1. #1

    Nethunter 3 with OpenVPN tap interface with PWK - connected but not routing over it

    Hello,
    Relative Android newbie here but known Kali for a while, speaking of which, I am doing my OSCP at the moment and this is where my question comes from. When on the road, I would love to be able to connect to the PWK labs from my Nexus 7 and crack some machines but have the following problem:-

    I copied my lab-configuration files from my Kali box at home to my Nethunter 3 chroot.
    From Kali terminal on my Nethunter 3, I launch # openvpn lab-configuration.conf
    and after entering a username and password, I connect successfully.

    I run # ifconfig and sure enough, tap0 shows up with the correct IP address.

    I run # route -n and everything shows up as follows (lab subnet replaced with x and home subnet replaced with y)

    Code:
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    10.70.70.0      192.168.x.1    255.255.255.0   UG    0      0        0 tap0
    192.168.y.0    0.0.0.0         255.255.255.0   U     0      0        0 wlan0
    192.168.x.0    0.0.0.0         255.255.254.0   U     0      0        0 tap0
    Confirmed with an Offsec admin and this output should be fine with the labs.

    However, if I try # traceroute 10.70.70.z (the ip of my lab config panel) then it goes to my LAN gateway (192.168.y.1) and immediately wonders off into the realm of my ISP and fails.
    Same again for # traceroute 192.168.x.1 or any of the machines in the lab via # traceroute 192.168.x+1.z is returned by my ISP and not a tap0 related IP.

    The Offsec admin and I concluded that even though tap0 was showing up both in Kali Terminal and also the Nethunter app as a valid interface, no traffic was actually being routed over it.

    Further research shows that Android has favoured tun connections for vpn over tap (as far as I can find, Android's VPN API does not include tap) and I was unable to locate an Android OpenVPN client that supported tap from the Google Play Store.

    My lab-connection.conf file reads as follows (and lab-connection.pem sits in the same directory)

    Code:
    client
    dev tap
    proto udp
    rport xyz 
    remote aaa.bbb.ccc.ddd
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca lab-connection.pem
    auth-user-pass
    comp-lzo
    As I am only a client, I have no control over the lab VPN and must follow the settings they give me.

    For reference, I am using a Nexus 7 2012 wifi model with the latest version of Lollipop (re-downloaded a couple of weeks ago for my full wipe and subsequent upgrade from Nethunter 2 to Nethunter 3).

    As it seems a bit illogical that an offshoot of an Offensive Security product is not compatible with their most promoted product, could somebody please help me find a way to connect my Nethunter 3 install to the PWK labs?

  2. #2
    Join Date
    2016-Feb
    Posts
    14
    Did yo ever get it worked out? I recently installed PIA (Private Internet Access), and the same thing for me: tap0 shows up but it doesn't seem to be routing traffic over it. When I go to whatismyipaddress.com it still shows my actual ip address.

  3. #3
    Not yet, plan to try reflashing with the CyanogenMod and then adding NetHunter to that to see if it makes any difference. With the different setup, I am hoping that routing with VPN setups might work correctly. However, this is a hope and will not be proven for at least a few weeks until I have time to do so.

  4. #4
    Join Date
    2017-Apr
    Posts
    1
    Sorry to bump, but I love using Nethunter while on long distance traveling on my OnePlus, Nexus 5 (for the wireless card allowing monitor mode), and Red Mi 5.... I'm going through PWK and would very much like to do labs on these devices, as my laptop has been down since my third day of my 90 day PWK lab access... I'm pretty much hosed, no?

Similar Threads

  1. Replies: 0
    Last Post: 2020-03-13, 17:04
  2. Replies: 1
    Last Post: 2016-11-22, 20:27
  3. Routing all traffic through proxychains?
    By themanchurian in forum General Archive
    Replies: 1
    Last Post: 2016-08-16, 11:31
  4. Anyone else having issues with openvpn/openvpn-gnome now?
    By fonestar in forum TroubleShooting Archive
    Replies: 0
    Last Post: 2016-06-05, 20:16
  5. Static Routing Question
    By polyphemus in forum General Archive
    Replies: 3
    Last Post: 2013-12-01, 14:34

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •