Having issues again today with the CHTP labs

Not sure if anyone is having issues....
same issues like last time
tried to connect to 2 difft labs and same..

getting a little frustratin...

i just bought the OSCP voucher today so Im wondering shouild I pause the CTHP and pivot to the OSCP?

Find more posts tagged with

Comments

chrisone

Was using the THP labs a few minutes ago. Check the logs, what errors are you getting now?

secureckb

Hi
this is the output"

p 18 00:04:33 2020 Windows version 10.0 (Windows 10 or greater) 64bit

Fri Sep 18 00:04:33 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

Fri Sep 18 00:04:36 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]68.233.248.243:37305

Fri Sep 18 00:04:36 2020 Attempting to establish TCP connection with [AF_INET]68.233.248.243:37305 [nonblock]

Fri Sep 18 00:06:36 2020 TCP: connect to [AF_INET]68.233.248.243:37305 failed: Unknown error

Fri Sep 18 00:06:36 2020 SIGUSR1[connection failed(soft),init_instance] received, process restarting

Fri Sep 18 00:06:41 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]68.233.248.243:37305

Fri Sep 18 00:06:41 2020 UDP link local (bound): [AF_INET][undef]:1194

Fri Sep 18 00:06:41 2020 UDP link remote: [AF_INET]68.233.248.243:37305

(*****************

it was working fine this morning and early evening and now it has issues...

secureckb

Hi chisone or anyone
can you send me your config file so i can diff?
thanks
'
i tried 4.6--->4.9 and failss

secureckb

this what I have done:

2.4.9 version:

1). edited the config fle: added: cipher AES-256-CBC
2), Starred openvpn : iles\OpenVPN\bin>openvpn --cipher AES-256-CBC --config C:\Digital\Hunting_with_IOCs_2694.ovpn

Fri Sep 18 09:37:22 2020 OpenVPN 2.4.9 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 16 2020

Fri Sep 18 09:37:22 2020 Windows version 6.2 (Windows 8 or greater) 64bit

Fri Sep 18 09:37:22 2020 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10

Enter Auth Username:jeffgo888

Enter Auth Password:

Fri Sep 18 09:37:28 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]162.254.145.243:42477

Fri Sep 18 09:37:28 2020 Attempting to establish TCP connection with [AF_INET]162.254.145.243:42477 [nonblock]

Fri Sep 18 09:39:28 2020 TCP: connect to [AF_INET]162.254.145.243:42477 failed: Unknown error

Fri Sep 18 09:39:28 2020 SIGUSR1[connection failed(soft),init_instance] received, process restarting

Fri Sep 18 09:39:33 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]162.254.145.243:42477

Fri Sep 18 09:39:33 2020 UDP link local (bound): [AF_INET][undef]:1194

Fri Sep 18 09:39:33 2020 UDP link remote: [AF_INET]162.254.145.243:42477

yoba222

OSCP lab time is expensive and I'd pause the other. 90 days = $800, that's $8.88 per day!

secureckb

@yoba222
so your recommending pausing THP for now? i tend to agree...im sorry. i dont wanna sound preeny but I have tried pretty much everything and I shoild be spending this time learning in Labs insttead of fixing this and the support from eLearn...they respond maybe ONCE a day

secureckb

implanning to do the HTB and VHL probably now and start and then start the OSCP...got the voucher already soi can start anytime. This experience so far with eLearn is...

chrisone

Have you downloaded the newer openvpn file for your lab? if not reset it and download a new openvpn profile.

root@kali:~/Sync/elearnsecurity/thpv2/ovpn_files# openvpn Hunting_with_Splunk_Lab_1_2712.ovpn

Thu Sep 17 21:34:13 2020 OpenVPN 2.4.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 2 2020

Thu Sep 17 21:34:13 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

 Enter Auth Username:

 Enter Auth Password:

Thu Sep 17 21:34:17 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]68.233.248.243:36090

Thu Sep 17 21:34:17 2020 Attempting to establish TCP connection with [AF_INET]68.233.248.243:36090 [nonblock]

Thu Sep 17 21:34:18 2020 TCP connection established with [AF_INET]68.233.248.243:36090

Thu Sep 17 21:34:18 2020 TCP_CLIENT link local: (not bound)

Thu Sep 17 21:34:18 2020 TCP_CLIENT link remote: [AF_INET]68.233.248.243:36090

Thu Sep 17 21:34:19 2020 [Hera Openvpn Cluster] Peer Connection Initiated with [AF_INET]68.233.248.243:36090

Thu Sep 17 21:34:20 2020 TUN/TAP device tap0 opened

Thu Sep 17 21:34:20 2020 /sbin/ip link set dev tap0 up mtu 1500

Thu Sep 17 21:34:20 2020 /sbin/ip addr add dev tap0 172.16.84.10/24 broadcast 172.16.84.255

Thu Sep 17 21:34:20 2020 Initialization Sequence Completed

Thu Sep 17 22:01:36 2020 Connection reset, restarting [0]

root@kali:~/Sync/elearnsecurity/thpv2/ovpn_files# openvpn Hunting_with_Splunk_Lab_2_2713.ovpn

Thu Sep 17 22:13:25 2020 OpenVPN 2.4.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 2 2020

Thu Sep 17 22:13:25 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

 Enter Auth Username:

 Enter Auth Password:

Thu Sep 17 22:13:30 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]69.46.22.139:41245

Thu Sep 17 22:13:30 2020 Attempting to establish TCP connection with [AF_INET]69.46.22.139:41245 [nonblock]

Thu Sep 17 22:13:31 2020 TCP connection established with [AF_INET]69.46.22.139:41245

Thu Sep 17 22:13:31 2020 TCP_CLIENT link local: (not bound)

Thu Sep 17 22:13:31 2020 TCP_CLIENT link remote: [AF_INET]69.46.22.139:41245

Thu Sep 17 22:13:31 2020 [Hera Openvpn Cluster] Peer Connection Initiated with [AF_INET]69.46.22.139:41245

Thu Sep 17 22:13:33 2020 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).

Thu Sep 17 22:13:33 2020 TUN/TAP device tap0 opened

Thu Sep 17 22:13:33 2020 /sbin/ip link set dev tap0 up mtu 1500

Thu Sep 17 22:13:33 2020 /sbin/ip addr add dev tap0 172.16.84.10/24 broadcast 172.16.84.255

Thu Sep 17 22:13:33 2020 Initialization Sequence Completed

By the way Kali linux already comes preloaded with Openvpn, are you installing a certain version? I have never needed to "install" openvpn on kali.

secureckb

Hi sir
i tried with the 2 betas and also the 2.4.6 until the 9 version

secureckb

openvpn.exe --data-ciphers BF-CBC --config C:\Digital\Hunting_Web_Shells_Part_2_2699.ovpn

2020-09-18 12:59:50 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (BF-CBC). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.

2020-09-18 12:59:50 OpenVPN 2.5_beta4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 11 2020

2020-09-18 12:59:50 Windows version 10.0 (Windows 10 or greater) 64bit

2020-09-18 12:59:50 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

Enter Auth Username:jeffgo888

Enter Auth Password:

2020-09-18 12:59:56 TCP/UDP: Preserving recently used remote address: [AF_INET]68.233.248.243:37305

2020-09-18 12:59:56 Attempting to establish TCP connection with [AF_INET]68.233.248.243:37305 [nonblock]

2020-09-18 13:00:22 SIGTERM[hard,init_instance] received, process exiting

C:\Program Files\OpenVPN\bin>

C:\Program Files\OpenVPN\bin>openvpn.exe --config C:\Digital\Hunting_Web_Shells_Part_2_2699.ovpn

2020-09-18 13:00:28 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.

2020-09-18 13:00:28 OpenVPN 2.5_beta4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 11 2020

2020-09-18 13:00:28 Windows version 10.0 (Windows 10 or greater) 64bit

2020-09-18 13:00:28 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

Enter Auth Username:jeffgo888

Enter Auth Password:

2020-09-18 13:00:33 TCP/UDP: Preserving recently used remote address: [AF_INET]68.233.248.243:37305

2020-09-18 13:00:33 Attempting to establish TCP connection with [AF_INET]68.233.248.243:37305 [nonblock]

secureckb

RESOVED! Changed VPN client to Viscosity....and IM up and running now

chrisone

Nice work! Why are you using Windows? sorry if you already explained yourself in the other post.

secureckb

Hi sir Chisone: My laptops are windows and my Virtualboxes are Kali ofc.... im open to suggestions and the Lab is RDP windows on the THP ones.

chrisone

Windows or Linux for THP is fine. Yeah all labs are RDP into windows machines.

secureckb

I’m digging into the IOC lessons and reviewing back the web shells as well. It’s amazing what you can learn and everyone reading needs to know that you gotta research too lol.

yoba222

secureckb said:

implanning to do the HTB and VHL probably now and start and then start the OSCP...got the voucher already soi can start anytime. This experience so far with eLearn is...

Ahh okay I didn't realize you hadn't started PWK yet. You can't really pause the PWK (or VHL) once it starts, but since eLearn is by the hour, you can do that at your own pace. Though this seems to be kind of a curse, because then people procrastinate and then drag out finishing the eLearn course for a year or two.

As far as order to do them all, I don't know how CHTP would fit in because I've never done it and only exposed to eJPT. But the order VHL then OSCP I think is very good as I've experienced both firsthand. I'd even skip HTB altogether and go right into VHL because they teach a methodology and the course is only a couple of hundred pages.

I should add: I wouldn't do two courses simultaneously and instead stick to one -- course material during the week and labs on the weekend I've found to be a good balance too.

chrisone

To add to what @yoba222 mentioned.

THPv2, VHL, OSCP, exam retakes, you are looking at a minimum 12-16 months of work here. Depending on your level of experience I could see 8-12 months is doable. Not that you have indicated, but just a friendly reminder to not tackle these simultaneously.

You will experience failure on your journey. Don't get frustrated and give up. The path you choose is difficult.

THPv2 is difficult (not entry level) from a blue team perspective.
VHL is entry-mid level difficulty (Very difficult if you have zero pentesting experience).
PWK 2020 is mid level difficulty (this is not CEH or eJPT).

If you are very experienced in pentesting and looking to knock these certs out in 1 month each. Why even waste your time, should have jumped straight into XDS, OSCE, PTXv2, SANS GXPN, Pentester Academy PACES, or take Corelan's exploit dev courses.

Good luck on your journey.

secureckb

Hi @yoba222
yes i agree 1000% with you. for OSCP PWK, I only paid for the voucher..havent started the course yet. Yes my plan is complete the THP., then take the exam and then go right to PWK OSCP... by h2olidays eveyrting slows down so I will have time..:) BTW... inmteresting post on elearn IHRP program,..lots of complaints about the content.

secureckb

Hi Chrisone sir
im putting in the work for sure and don’t mean to belittle each one and I’m so glad in your experience you rated each one course so that’s makes me feel better that can tackle now and grade my comfort level
Thank you

chrisone

Cool, how much lab access do you have for PWK and did you get PWK2020 course materials? Sorry I was a little confused on the statement about just purchasing a voucher.

secureckb

I bough 60 days lab so basically you pay for the voucher and when your ready you redeem if for the course and then you start and yes sir, I bought the entire course for $1200 or so

chrisone

Very cool! After you are done with THP, your plan for VHL to PWK is nice and will transition very well. You got this buddy!

secureckb

thank you sir.....one step at a time ....no quarters given..