ligolo-mp: Multiplayer pivoting solution
Ligolo-mp
Ligolo-mp is a more specialized version of Ligolo-ng, with client-server architecture, enabling pentesters to play with multiple concurrent tunnels collaboratively. Also, with a sprinkle of less important bells and whistles.
Features
Everything that you love about Ligolo-ng and:
- Multiplayer
- Multiple concurrent relays
- Routing to the loopback of target machine (no more port forwarding)
- Listeners are now independent redirectors
- Stricter agent liveness checks
- Built-in TUN management
- Dynamic mTLS-enabled agent binaries generation with obfuscation option
- Simplified certificate management
Important notes
- This thing doesn’t try to be stealthy: there are no tricky malleable profiles, no network fuckery – you will be detected. You have been warned.
- Server-side is Linux-only (agents are still multi-platform, don’t worry)
- Everything uses self-signed certs
- This is mostly just somehow slapped together, so use it at your own risk
Terminology
On our local machine, we use a client to connect to a server, that’s running on the attacking machine. Then we run an agent on the machine we want to pivot through – a target machine. To start pivoting, we create a tun and use it to start a relay between the server and the agent. We can also start a listener to, for example, chain connections through agents in cases where the target machine can’t directly reach our server.
Install & Use
Copyright (C) 2024 ttpreport
