Thank you for opting to take the Offensive Security Advanced Web Attacks and Exploitation (AWAE/WEB-300) course. The following document contains instructions for connecting to our online VPN labs and other useful information, which will help you get the most out of the course and labs. Please read it carefully.
WEB-300 ONLINE LAB INTRODUCTION
The WEB-300 lab environment is an important part of the online course. The lab allows the student to implement and practice various web application testing techniques in a legally safe environment. Each student has access to several dedicated lab targets. Unless otherwise indicated, access to the Windows servers is done via Remote Desktop and the Linux machines can be accessed via SSH.
RULES OF BEHAVIOR
While each student has exclusive access to their set of lab machines, the labs themselves are shared with other students. It is therefore vital that you do not alter the configuration of machines you hack. Do not change any IP addresses or make any other alterations to a machine unless instructed to. Configuration changes are a nuisance for fellow students - please be courteous to them. The lab runs several monitoring and logging systems. Users disregarding these rules will be removed from the labs and their lab sessions will be terminated. Please be responsible in your lab usage.
CONNECTING TO THE LABS
Your connection to the lab is to be done with Kali Linux using OpenVPN. We are unable to provide any VPN connectivity support if you choose to use another setup. It is also highly recommended that you download and use the Kali VMware image for the most streamlined experience. For more information, please visit the following link: https://help.offensive-security.com/hc/en-us/articles/360049796792
In your welcome email, you should have received a lab connectivity pack (lab-connection.tar.bz2) file. Copy this file to your Kali machine (in /root/), extract it, and initiate the VPN connection:
    kali@kali:~$ tar xjf lab-connection.tar.bz2
    kali@kali:~$ sudo openvpn OS-XXXXX-AWAE.ovpn
    Sat Dec 15 17:50:10 2018 OpenVPN 2.4.5 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 4 2018
    Sat Dec 15 17:50:10 2018 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
    Enter Auth Username: OS-XXXXX
    Enter Auth Password: ***********
    Sat Dec 15 17:50:44 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]184.108.40.206:1194
    Sat Dec 15 17:50:44 2018 UDP link local (bound): [AF_INET][undef]:1194
    Sat Dec 15 17:50:44 2018 UDP link remote: [AF_INET]220.127.116.11:1194
    Sat Dec 15 17:50:44 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sat Dec 15 17:50:44 2018 [awaevpncert] Peer Connection Initiated with [AF_INET]18.104.22.168:1194
    Sat Dec 15 17:50:46 2018 TUN/TAP device tap0 opened
    Sat Dec 15 17:50:46 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
    Sat Dec 15 17:50:46 2018 /sbin/ip link set dev tap0 up mtu 1500
    Sat Dec 15 17:50:46 2018 /sbin/ip addr add dev tap0 192.168.122.10/24 broadcast 192.168.122.255
    Sat Dec 15 17:50:46 2018 Initialization Sequence Completed
When prompted, enter your username and password into the console. Do not close this window, otherwise your VPN connection will terminate! A connectivity test can be performed by sending ICMP ECHO_REQUEST packets to the 192.168.117.200 host.
    kali@kali:~$ ping 192.168.117.200
    PING 192.168.117.200 (192.168.117.200) 56(84) bytes of data.
    64 bytes from 192.168.117.200: icmp_seq=1 ttl=128 time=188 ms
    64 bytes from 192.168.117.200: icmp_seq=2 ttl=128 time=181 ms
    64 bytes from 192.168.117.200: icmp_seq=3 ttl=128 time=179 ms
Please read this part extremely carefully.
By joining the Offensive Security VPN, you will be exposing your computers' VPN IP to other students taking the course with you. Due to the nature of the course (and its participants!), your computer may be subjected to attacks originating from the VPN network. This is true even if you are located behind a NAT device. Kali users, please change the default root password!
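One way to see what your own machine offers to the VPN segment, as an added example that is not part of the original guide: the function below reads `ss -H -tuln` output and lists sockets bound to a wildcard address or to the VPN address. The function names and the sample socket list are constructed for illustration; 192.168.122.10 is the tap0 address from the log above.

```shell
#!/bin/sh
# Added example (not from the original guide): list local listeners that
# other hosts on the lab VPN could reach.

# Constructed sample in the column layout of `ss -H -tuln`:
# Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
sample_ss_output() {
    cat <<'EOF'
tcp   LISTEN 0      128    0.0.0.0:22            0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:5432        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68            0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53      0.0.0.0:*
tcp   LISTEN 0      511    [::]:80               [::]:*
tcp   LISTEN 0      128    192.168.122.10:8000   0.0.0.0:*
tcp   LISTEN 0      128    [::1]:631             [::]:*
tcp   LISTEN 0      4096   *:9090                *:*
EOF
}

# exposed_listeners VPN_IP
# Reads ss output on stdin; prints one line per socket bound to a wildcard
# address (0.0.0.0, ::, *) or to VPN_IP. Loopback-only sockets are skipped.
exposed_listeners() {
    vpn_ip="$1"
    awk -v vpn="$vpn_ip" '
    {
        la = $5                                   # local address:port column
        port = la; sub(/^.*:/, "", port)          # text after the last colon
        addr = la; sub(/:[^:]*$/, "", addr)       # text before the last colon
        sub(/%.*$/, "", addr)                     # drop a %iface scope suffix
        gsub(/\[|\]/, "", addr)                   # drop IPv6 brackets
        if (addr == "0.0.0.0" || addr == "::" || addr == "*" || addr == vpn)
            print $1 "/" port " bound to " addr
    }'
}

# Offline demonstration on the constructed sample.
sample_ss_output | exposed_listeners 192.168.122.10

# On a connected Kali host, feed it the live socket table instead:
#   ss -H -tuln | exposed_listeners 192.168.122.10
```

Anything it prints that you did not intend to offer to other students should be stopped or rebound to 127.0.0.1 before you connect.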
WHAT IS A GOOD PING RESPONSE TIME?
If your average ping is below 300 ms and without any packet loss, you should not encounter any issues within our labs. Sometimes the ping response time can increase for a few seconds; this can happen if a machine is being reverted by another student.
We highly recommend that you use a stable, high speed Internet connection such as Broadband or higher to access the labs. Mobile Internet such as 3G or 4G should be avoided.
First, please ensure that you have Internet connectivity within your Kali Linux virtual machine. If you do have Internet connectivity and are still unable to connect to the labs, ensure you are not behind any firewalls that are preventing you from establishing an outbound connection to the labs on UDP port 1194.
If you're still having connectivity problems or other non-training related issues, you can contact us and we will try to help you to the best of our abilities.
You can submit a ticket.
We wish you a productive and enjoyable time in our labs!
The Offensive Security Team