Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Local port redirect #15

Closed
SecT0uch opened this issue Apr 25, 2022 · 9 comments
Closed

Local port redirect #15

SecT0uch opened this issue Apr 25, 2022 · 9 comments
Labels
enhancement New feature or request

Comments

@SecT0uch
Copy link

SecT0uch commented Apr 25, 2022
edited
Loading

What is there a way to expose expose ports listening on localhost ?

I have a Linux proxy and a Windows agent that can communicate through an OpenVPN tunnel (both in 10.10).
On the agent 127.0.0.1:3306 is listening.

I run in the proxy:
listener_add --addr 0.0.0.0:1234 --to 127.0.0.1:3306 --tcp

I can't add the route to the Windows host as it disconnects the agent.

I added a forged route: ip route a 42.42.42.42 dev ligolo and it seems the packets a forwarded to the agent but no response in return.
@nicocha30
Copy link
Owner

This is a good question.

This could be possible by using an iptables rule... I will add this feature in the future.

@nicocha30 nicocha30 added the enhancement New feature or request label Aug 31, 2022
@nicocha30 nicocha30 reopened this Jun 15, 2023
@jesuspabloalfaro
Copy link

+1 bump on this. Would make a great addition especially for OSCP takers looking for a better alternative to chisel B)

@Thy-GoD
Copy link

Thy-GoD commented Nov 3, 2023

I was having this exact problem trying to do an iptables black magic fuckery, pls save my sanity.

This was referenced Dec 11, 2023
Closed
Closed
nicocha30 pushed a commit that referenced this issue Dec 30, 2023
@NicoBBCha
implement local port redirect #15
f4d5e39
@nicocha30
Copy link
Owner

@SecT0uch @jesuspabloalfaro @Thy-GoD
Implemented in latest Ligolo-ng (v0.5.1) release.
https://github.com/nicocha30/ligolo-ng?tab=readme-ov-file#access-to-agents-local-ports-127001

@jesuspabloalfaro
Copy link

you are the best! side note, i passed OSCP thanks to ligolo <3

@StayPirate
Copy link

@SecT0uch @jesuspabloalfaro @Thy-GoD Implemented in latest Ligolo-ng (v0.5.1) release. https://github.com/nicocha30/ligolo-ng?tab=readme-ov-file#access-to-agents-local-ports-127001

How does it behave in case of multiple connected agents?

@SecT0uch
Copy link
Author

How does it behave in case of multiple connected agents?

Unfortunately I didn't have the occasion to use it yet. :/

@StayPirate
Copy link

I connected two agents to the proxy, routed 240.0.0.1 to the ligolo tun interface. When I try to reach that IP from my machine (where the proxy runs) the traffic is forwarded to the first connected agent (session 1). I then switched to session 2 on the proxy TUI, with the command session selecting the second session, then i tried to reach out 240.0.0.1 again, but still the first agent replied.

@nicocha30 how should we use this feature to forward local ports from a different agent?

@nicocha30
Copy link
Owner

@StayPirate switching to another session will not change the current "routing".
You need to start a relay on the other agent (and specify another interface using start --tun ligolo2), then change your system routing table to forward packets to 240.0.0.1 via ligolo2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@SecT0uch @nicocha30 @StayPirate @jesuspabloalfaro @Thy-GoD