ligolo-ng » help
    __    _             __                       
   / /   (_)___ _____  / /___        ____  ____ _
  / /   / / __ `/ __ \/ / __ \______/ __ \/ __ `/
 / /___/ / /_/ / /_/ / / /_/ /_____/ / / / /_/ / 
/_____/_/\__, /\____/_/\____/     /_/ /_/\__, /  
        /____/                          /____/   

  Made in France ♥            by @Nicocha30!
  Version: 0.6.2

Ligolo-ng - An advanced, yet simple tunneling tool

Commands:
=========
  certificate_fingerprint   Show the current selfcert fingerprint
  clear                     clear the screen
  connect_agent             Attempt to connect to a bind agent
  exit                      exit the shell
  help                      use 'help [command]' for command help
  ifconfig                  Show agent interfaces
  session                   Change the current relay agent

Interfaces
==========
  interface_create, ifcreate                Create a new tuntap interface
  interface_delete, ifdel                   Delete a tuntap interface
  interface_list, iflist, route_list        List available tun interfaces
  route_add, add_route, interface_route_add, interface_add_route  Add a route to a network interface
  route_del, del_route, interface_route_del, interface_del_route  Delete a route

Listeners
=========
  listener_add          Listen on the agent and redirect connections to the desired address
  listener_list         List currently running listeners
  listener_stop         Stop a listener

Tunneling
=========
  tunnel_list           List active tunnels
  tunnel_start, start   Start relaying connection to the current agent
  tunnel_stop, stop     Stop the tunnel

Environment

Attack Host: 172.16.2.2/16
Target Host1: 172.16.2.3/16 | 192.168.3.3/24
Target Host2: 192.168.3.4/24 | 192.168.4.4/24
...

Linux

Pivot

# Attack Host
sudo ./proxy -selfcert [-laddr 0.0.0.0:11601]
ligolo-ng » ifcreate --name ligolo1

# Target Host1
./agent -connect 172.16.2.2:11601 -ignore-cert

# Attack Host ligolo-ng
ligolo-ng » INFO[0008] Agent joined ......
ligolo-ng » session
[Agent : SESSION] » start --tun ligolo1
[Agent : SESSION] » ifconfig  # 查看 Target Interface
 
# Attack Host
sudo ip route add 192.168.3.0/24 dev ligolo1
# OR
[Agent : SESSION] » route_add --name ligolo1 --route 192.168.3.0/24

Double Pivot

# Attack Host
# 添加 Interface
ligolo-ng » ifcreate --name ligolo2
# 添加监听器，将此 Agent:11601 端口的流量转发到 Proxy:11601 端口
[Agent : SESSION] » listener_add --addr 0.0.0.0:11601 --to 127.0.0.1:11601 --tcp

# Target Host2
./agent- connect 192.168.3.3:11601 -ignore-cert

# Attack Host ligolo-ng
[Agent : SESSION] » session  # 切换会话
[Agent : SESSION-2] » start --tun ligolo2

# Attack Host
sudo ip route add 192.168.4.0/24 dev ligolo2
# OR
[Agent : SESSION] » route_add --name ligolo2 --route 192.168.4.0/24

Setting

# listener 将此 Agent:2222 端口的流量转发到 Proxy:2222 端口
[Agent : SESSION] » listener_add --addr 0.0.0.0:2222 --to 127.0.0.1:2222 --tcp 
# File Transfer or ...
$ python3 -m http.server 2222

# Bind Pivot Box
# 访问 240.0.0.1 可直接与绑定的 Pivot 交互
sudo ip route add 240.0.0.1/32 dev ligolo

# Delete Interface
ligolo-ng » interface_delete --name ligolo
#OR
sudo ip link delete ligolo
# OR
sudo ifconfig ligolo down
sudo ifconfig ligolo delete

MacOS

Pivot

# Attack Host
sudo ./proxy -selfcert

# Target Host1
./agent -connect 172.16.2.2:11601 -ignore-cert

# Attack Host ligolo-ng
ligolo-ng » INFO[0008] Agent joined ......
ligolo-ng » session
[Agent : SESSION] » start --tun utun3
[Agent : SESSION] » ifconfig  # 查看网络信息

# Attack Host
sudo ifconfig utun3 alias 192.168.3.33 255.255.255.0
sudo route add -net 192.168.3.0/24 -interface utun3

…

Setting

# Delete Interface
sudo ifconfig utun3 inet 0.0.0.0 netmask 255.255.255.0
# Delete IP
sudo ifconfig utun3 delete 192.168.9.9
# Delete Route
sudo route delete -net 192.168.9.1/24 -interface utun3

…

Prev Home Next