Reverse shell for CTF in r4.2

I installed qubes-os 4.2
I need to do CTF’s on tryhackme and hackthebox.
I created appVM named ‘CTF’. I connect to my openvpn config from hackthebox in ‘CTF’ appVM. And reverse shell via netcat not work and ping or curl when I use python3 -m http.server on my ‘CTF’ appVM not work from remote machine.
I connected appVM to sys-net, but still not work.
So I have: sys-net -> CTF and use openvpn config in the CTF appVM.
Anybody play CTF’s on qubesos?

How I can allow incomming traffic from remote machine via openvpn to my appVM?

Can you try to accept the port you are using in “CTF”?

sudo nft add rule ip qubes custom-input tcp dport <port> accept
1 Like

You need to NAT the ports through sys-net → sys-firewall → CTF-qube

Since openvpn is used here to tunnel packets between the qube and the remote machine, everything port-related is only accessible within “CTF”. sys-net and sys-firewall can’t see anything because they only forward the encrypted traffic.

1 Like

Ah, I misread entirely the openvpn part sorry. Then you are right, there is only the nftable rule to accept connection on the port :+1:

1 Like

Thanks. It’s work. But I added dport before port number:

sudo nft add rule ip qubes custom-input tcp dport 8000 accept

Thanks, I accidentally replaced dport with <port>.
I’ll edit my post for future viewers.

1 Like

I’m curious if you use a special template for your CTF work like parrot, kali, blackarch or just plain fedora/debian?

I use archlinux from community templates.

1 Like

Then maybe blackarch is something for you.