The objective of this post is to describe the OpenVpn configuration I used to connect to the box through the corporate proxy.
I am not going into details on howto setup a OpenVpn server as there are plenty of tutorials. Mine is using PKI and TLS.
Additionally the drop box I used is a Kali linux.
First and foremost the customer did not provide me with any details on the environment and deemed no VPN acces was possible. Well he was wrong....
The only possible access to the internet was through the corporate proxy and a proxy pac file.
First action was to download the pac file and understand which was the right proxy to use. You can normally look for a directive like:
return "PROXY 1.2.3.4:8080"
You should then consider that most of the proxies won't accept connection to port and protocol different from 443 and TCP.
So here you go with the OpenVpn client configuration.
client.conf
client
dev tun
proto tcp
remote <OpenVpn Server public address> 443
http-proxy <hostname/IP address of Proxy found in proxy pac file> <Proxy Port(ex. 8080)>
http-proxy-option AGENT Mozilla/5.0+(Windows;+U;+Windows+NT+5.0;+en-GB;+rv:1.7.6)+Gecko/20050226+Firefox/1.0.1
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
tls-auth tlsauth.key 1
cipher BF-CBC
comp-lzo
verb 3
mute 20
And here it is the server's configuration.
server.conf
local <OpenVpn Server public address>
port 443
proto tcp
dev tun
ca 2.0/keys/ca.crt
cert 2.0/keys/server.crt
key 2.0/keys/server.key # This file should be kept secret
dh 2.0/keys/dh1024.pem
tls-auth 2.0/keys/tlsauth.key 0
server 10.66.77.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir /etc/openvpn/ccd #we will assign the dropbox a static IP address see below
keepalive 10 120
cipher BF-CBC # Blowfish (default)
comp-lzo
max-clients 3
client-to-client #Very important setting so you can ssh to the dropbox from your pentesting laptop which will be connected to the same OpenVpn server
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
mute 20
Finally to assign the drop box a static IP, in /etc/openvpn/ccd create a file called client (should have the same name used for the certificate pub and private keys ex: john.crt and john.key)
$cat client
ifconfig-push 10.66.77.9 10.66.77.10
Connect both clients (your pentesting box and the remote vmware) to the OpenVpn server using:
openvpn --config /etc/openvpn/client.conf openvpn-client --verb 4If all goes well you should be able to ping each other's clients.
Final step is to move all your files to /etc/openvpn/ and, to make OpenVpn start at boot on your drop box, issue:
sudo update-rc.d openvpn enable