search

nicocha30 / ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
GNU General Public License v3.0
2.61k stars 260 forks source link

Setup Ligolo-ng (version 0.6.1) for MacOS #81

Closed Yulypso closed 2 months ago

Yulypso commented 2 months ago

Hello,

Have you found a way to create a "utun[0-9]" interface for the Ligolo-ng proxy server on macOS (MacOS: 14.4.1)? The command "interface_create" doesn't exist in version ligolo-ng_proxy_0.6.1_darwin_amd64.

In version 0.6.1, the agent "ligolo-ng_agent_0.6.1_darwin_amd64" can bind to the "ligolo-ng_proxy_0.6.1_darwin_amd64" server, however, there is no option to create a tunnel and relay the connection to the agent using the "tunnel_start" command.

nicocha30 commented 2 months ago

tunnel_start --tun utun4, interfaces will be created automatically.

Hexix23 commented 2 months ago

From my end still not working properly.

I manage to create the utun interface but didnt get any IP and when I tried to assign the range that I want to tunnel didnt work.

Any idea?

nicocha30 commented 2 months ago

@Hexix23 can you share more details? Do you have any errors?

Hexix23 commented 2 months ago

@nicocha30 yes ofc.

So I have a windows VM hosting the agent image

And my MacOS hosting the proxy image

And from here everything works like a charms and the agent connected to the server.

I created the utun interfaced with the new funcionality and works fine: image

And you can see the interface through ifconfig image

But whatever you try to add a specific IP didnt work.

How did you do on your site? On your mac mini worked?

Thnks in advance! And let me know if I can help with any macos development

nicocha30 commented 2 months ago

Did you tried:

$ sudo ifconfig utun4 alias [random_ip] 255.255.255.0
$ sudo route add -net 192.168.2.0/24 interface utun4

As explained in README?

Hexix23 commented 2 months ago

Yes.

And even if I assign the route and an IP within the range, the tunneling is not done well and I do not get through the machine to the "internal" network.

nicocha30 commented 2 months ago

Can you run the proxy with "-v" and show me the result? On my Mac Mini it worked, but I couldn't do much testing.

MelForze commented 2 months ago

Yes.

And even if I assign the route and an IP within the range, the tunneling is not done well and I do not get through the machine to the "internal" network.

You need to create a new utun, which you don't have in interfaces (ifconfig or ip a). I had utun1-8 and created utun9 

tunnel_start --tun utun9

then added ip and routes and everything worked fine.