nicocha30 / ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
GNU General Public License v3.0
2.78k stars 280 forks source link

Feature request: Exclude host or subnet #95

Open m1ndcr4ck opened 3 months ago

m1ndcr4ck commented 3 months ago

Is your feature request related to a problem? Please describe. When trying to use the agent from the compromised machine and it's connected to the subnet that trying to access. i.e ( If we're connecting to 192.168.0.5 and trying to forward 192.168.0.0/24), this generates the connection to die or not subnet accessible.

Describe the solution you'd like add exclusion for host(s) or subnet(s) from forward

Describe alternatives you've considered add manually a route to exclude compromised host to go through ligolo interface , it seems to work but if I tried to add a second forward can't reach ligolo proxy.

Additional context sshutle uses flag -x to exclude host/subnet more info https://sshuttle.readthedocs.io/en/stable/manpage.html#cmdoption-sshuttle-x keep in mind that also connected through a VPN ( can replicate it on the free Wreath room from THM https://tryhackme.com/r/room/wreath)

Cheers Nico for amazing tool ;)