Over at Hack The Box, we use OpenVPN connections to create links between you and our labs and machines. You may be familiar with one of the many personal VPN services available to individuals, but our VPN serves an entirely different purpose.
A personal VPN is a service that encrypts a device's internet connection and routes it through a server in a location of the user's choosing. This can be used to protect the user's privacy, as well as to bypass internet censorship. Personal VPNs are often used by individuals to protect their online activity from being monitored, or to mask their physical location.
In contrast, a VPN provided by a company or organization is typically used to allow individuals to access the company's internal network remotely. This type of VPN establishes a secure connection between a user's device and the company's network, allowing the individual to access internal resources as if they were physically connected to the network.
In the case of various VPN configurations we provide, they allow you to access our internal lab networks over the internet. These configuration files needed to auto-configure your OpenVPN client are called VPN packs or VPN files.
These will place you in the same IP subnet as the vulnerable machines, allowing you to contact them (and attack them).
You will need:
A Hack The Box account.
The latest version of OpenVPN. (pre-installed with Kali Linux and ParrotOS)
A working internet connection.
Tutorial VPN packs
Starting Point EU Free Access
Starting Point US Free Access
Free VPN packs
EU Lab Free Access
US Lab Free Access
AU Lab Free Access
SG Lab Free Access
If you’ve bought a VIP Subscription, you will be able to see the VIP packs as well. These look the same as the Free VPN packs listed above, with the "Free" part changed to "VIP".
While a Linux environment is not required to connect to the VPN, we strongly recommend you use a Linux VM. If you do not have a Linux VM setup, please see the article below:
VPN Server selection
Connecting to Boxes has gotten a whole lot easier. You are now able to interact directly on the Dashboard.
If you want to view and use the currently available VPN controls, you can do so from any page by clicking on the Connections icon next to your profile picture at the top right of the page you're currently on.
The first of the two available options would be to change your OpenVPN settings. By clicking that, you will be met with the server picker menu. The VPN Access selection will dictate the regional localization of the VPN server and the type: VIP or Free.
The selection below will allow you to choose which specific VPN Server you'd like to connect to enable you and your friends to compete against each other on the same instance of any box.
After selecting the appropriate VPN Server, you can click the Download VPN button, prompting a download for your personalized .ovpn pack.
After selecting the appropriate VPN Server, the command mentioned below the button references what you need to run on your terminal to initialize the OpenVPN connection using the newly downloaded .ovpn file.
Booting up OpenVPN
To play Boxes, you must be connected to a VPN through your virtual machine.
After you click the Download button, your pack.ovpn file should be found, by default, in the Downloads folder of your Linux distro. You will be using this file as the configuration for your OpenVPN initialization process.
Open up a terminal and navigate to your Downloads folder.
Then, boot up the OpenVPN initialization process using your pack.ovpn as the configuration file.
Once the Initialization Sequence Completed message appears, you can open a new terminal tab or window and start attacking the boxes.
Please note that you will need to keep this terminal window open to keep the OpenVPN process running.
If you encounter any issues related to your VPN configuration, we have an article dedicated to troubleshooting VPN connection issues.
Check out the article below to start troubleshooting:
Below you can find an explanation of all the VPN control menus:
Under the Access menu, you can select from all the different available labs for the main Boxes lineup. This includes both free and VIP servers, the latter now including the much-requested AU VIP, SG Free, and SG VIP servers!
As a best practice, select the closest lab to you while also considering your account’s VIP status.
VIP servers will, of course, have fewer users on them as there are many more than just the free VPN servers. Fewer members mean less traffic and, more importantly, fewer people trying to attack the same Boxes as you.
From the Server menu, you can select the actual VPN server you want to connect to. After this step, you should be able to download your .ovpn connection pack directly and proceed with engaging in attacks over the Boxes.
We have implemented this method of server selection instead of randomly assigning users to the least populated ones due to several requests for multiple teammates attacking the same Boxes on the same VPN server to compete against each other. We hope that this will further improve collaboration between teammates and bring your educational progress to the next level for both you and your team or organization!
The button to the right of the Server selection menu is the Download button for your now newly generated .ovpn pack. Once clicked, it will initialize a download for your .ovpn pack, which you can use to start up the OpenVPN process on your Linux distro that will allow you to connect to the Boxes in our labs.
In the case where your .ovpn file might be incorrectly generated due to an error, you can regenerate the file by switching back and forth between the Servers on the lab you’ve selected. This will generate the new .ovpn file, which you can directly download to your OS.
If even after regenerating, the .ovpn file is still invalid, our support team would be happy to assist you!