When I download the openvpn file and connect to the VPN in Kali, do I just leave that terminal window open and open another terminal to work in?

That’s right, that’s what I usually do

Instead of using the terminal I load it into network manager so it's easily toggleable.

I usually have it in a small pane in tmux just in case there is an error

You can also suspend the process (ctrl+z) and background it (type bg) – although if you face connection issues it might mess up your terminal a bit

You can pass the --daemon option to run openvpn as a daemon (background). When learning this I ended up down a rabbit hole about the word's origin and pronunciation; it’s kind of fun and will help you remember, if interested.

A sneaky thing though is that openvpn assumes you are passing a configuration file if it’s the only thing provided, but when using --daemon you must then use --config as well since there is more than one option being used

I just create a script to screen the vpn so it can happily run in the background and I don't have to worry/remember which terminal the thing is in.

cat /usr/bin/htb.openvpn

#!/bin/bash

/usr/bin/screen -d -m -S HTB.Openvpn /usr/bin/sudo /usr/sbin/openvpn /home/USERNAME/.ssh/lab_USERNAME.ovpn

awesome, thank you.

And sorry, one more question. Are the target machines often problematic? I’m doing the Starting Point module and constantly have issues with running nmap scans, sometimes have to restart the machine, but more at the moment I’m trying to run a ‘nmap -p- -sV’ and it says it’s going to take 9 hours.

Maybe because I don't have VIP?

This is exactly what I was hoping for. Dunno how to do it, but will look it up!

Thank you

Tmux all day for any type of connection.
tmux guide

Pipe the output to /dev/null

Haha I went down the same rabbit hole a few years ago when I started working as a sysadmin. I remember always seeing “daemon” here and there on my PC growing up and never thought to look into it.

From memory it came from Norse mythology, some kind of demon that worked constantly? It’s honestly how I remembered what a daemon is.

Also thanks for your tip! Will definitely give that a go

Yeah, that's a very common problem.

Being VIP won’t change it.

You can try switching between -sS and -sS, that helps on some machines.

Also try to get rid of -p- to focus on most common ports (at least at the beginning of your enum)

Finally, maybe try another scanner? I only know nmap and it’s the real MVP, but you still could try something else

Right click the little network icon in Kali’s menu bar and select “edit connections…”

Hit “+” to add a new connection, then scroll all the way to the bottom and select “Import a saved VPN connection” then click “Create” and select your downloaded vpn file.

Might want to rename it. I also enable a split tunnel (so not all traffic is routed through the vpn): go into IPv4 settings, click “Routes…” and put a check in “Use this connection only for resources on this network”

Ah that’s a shame.

Ok, will do. I was just following the guide which said to run ‘nmap -p- -sV’.

I noticed that ‘nmap -sV’ usually worked ok, but adding in the ‘-p-’ just causes it to go extremely slow.

What’s the cause of the scan going so slow, do you know?

Thanks so much bro, really helps. Appreciate it :heart:

U don’t have vip thing.

Use nmap -p- -Pn -n ip --disable-arp-ping --min-rate=6000

For port detection then on open ports use -sC and -sV

-p- means check every port, that's 65535 ports.
If you remove it, nmap's default is to check the 1000 most common ports.

-sV scans each open port more thoroughly; it doesn’t take long and gives very precious info on available services.

Awesome, will give that a go. Thanks a lot

Oh sorry, I meant why does it take so long compared to when scanning a target that isn’t on the HTB network.

How come the HTB walkthrough suggests to use ‘nmap -p- -sV’? Is it something that’s always slow and no one uses, or just happens intermittently?