Welcome Guest [Log In] [Register]
Welcome to Pwnie Express. We hope you enjoy your visit.

You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Please note you need to use a valid email address to register for member access.

Get your questions answered, share your ideas and feedback, get your problems solved, and give back by helping others! It only takes a minute to get started. Registration is simple, fast, and completely free!

Join our community!

If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
Ssh Vpn Issue; SSH drops when adding specific route
Topic Started: Sep 27 2012, 12:02 PM (499 Views)


I own two pwnplugs elites and am having an issue with the latest one I purchased. The original one that works perfect is still on version .3 (July 2011) while the new one is version 1.1.2 (July 2012).

I have both the pwnplugs at different remote sites. The older pwnplug uses standard ssh to connect to me (listening on port 3333 for reversing back). The newer pwnplug uses SSH Egress Buster to connect to me on standard ssh (and listens on port 3334 for reversing back). No issues with this on either pwnplug.

Then my next steps are to establish a tunnel between myself and the pwnplug so that I can do some remote scanning from my local laptop. This is what I have been doing for a long time now without any issues on the older pwnplug:

Ssh –w0:0 root@localhost –p 3333

Once logged into the older pwnplug I do the following:

Ifconfig tun0 netmask
Echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables –t nat –A POSTROUTING –o eth0 –j MASQUERADE

Then on my local laptop I will do this:

Ifconfig tun0 netmask

At this point the tunnel is up and everything is good. I then create routes on my local laptop similar to this for the remote networks:

Route add –net dev tun0
Route add –net dev tun0

Then from my laptop I can initiate vulnerability scans and things without any issues.

Now for the new pwnplug I execute all of the same procedures and everything works normal. I can establish the tunnel without any problems. The problem comes when I attempt to add a route on my local laptop for the remote pwnplug directly connected subnet (So if the pwnplug were on a remote network of…then I would try to create a route like "route add –net dev tun0). When I do this my connection to the pwnplug seems to die. I cannot ping the pwnplug tunnel interface and the ssh session just hangs. I cannot do anything. Now if I add routes for any other networks on the remote site besides the pwnplug directly connected it works fine. It is just when I add a route for the locally connected pwnplug subnet that it dies…so I cannot perform any scanning from my laptop to the directly connected pwnplug subnet at the remote site.

My side is the same for both pwnplugs (hardware, network, laptop, etc), but the client sites are different. I've used this approach on the older pwnplug literally hundreds of times without issue at many different locations. I've tried all I can think of, and have even tried the SSH VPN tunnel methodology from the pwnplug manual and get the same results when I add the local subnet in a route.

I'd appreciate any help or thoughts you might have.

Offline Profile Quote Post Goto Top

So to update my original post, here goes...

So we completed that work by just moving the pwnplug to a different network at the client, and then scanning the network that the pwnplug was on from there. Not sexy but it worked. Since then I have had the pwnplug shipped to a new client and they have set it up on their network via DHCP. Using all the same equipment and process, I connected successfully to the pwnplug and have added a route successfully for the local network the pwnplug is sitting on. So the only factors that are different from this client and the previous are the clients networks themselves.

I have no idea what would cause this issue at the previous client. A static IP was set there versus DHCP at next client (I'll test this in the future in case this is the cause). During nmap scans at previous client I saw several indications of BGP ports as closed, but not sure why that should matter.

If anyone has any thoughts i'd be glad to hear them. I'll post more if I come up with anything new.

Offline Profile Quote Post Goto Top
Deleted User
Deleted User

SSH tunnels offer a method to bypass firewalls that command sure web services – farewell as a website permits outgoing connections. As an example, at workplace users is also blocked by some firewalls to access to social websites like facebook and youtube directly through eighty ports. However users might not would like to possess their internet traffic blocked by the firewalls and filters and want to be ready to unblock facebook and youtube. If users will hook up with AN external SSH server, they will produce AN SSH tunnel to forward a given port on their native machine to port eighty on an overseas internet server to bypass those firewalls and filters to unblock facebook and youtube.

Quote Post Goto Top

I am new to VPNs and need to try it for my upcoming China trip because just got to know about the blocked sites over there. Do you know a good best free vpn service? I think there are plenty but I am not aware of any of them so need some help!
Offline Profile Quote Post Goto Top
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · Community Edition Support Forum · Next Topic »
Add Reply