A Havoc UI tool to pivot onto a machine using ligolo-ng.
Make sure you have on your machine the following to use this tools:
- kdesu or pkexec
- go
- tmux
To install this script first make sure you have the apropriate dependencies installed you can then download it through the havoc extensions tab inside of Attack > Extentions:
To connect to ligolo on the agent you first need to setup. In this example I have my havoc client on 192.168.8.0/24 and a windows machine that I use for the victim on 10.0.2.0/24 The windows client is able to ping 10.0.2.2 but the havoc linux machine can't as shown bellow:
You first need to setup the server to listen on the correct ip address and port. In my example the windows machine does not have any firewall but if you need to listen on a protected port you can activate a "sudo" mode for the ligolo server inside of it's settings. To setup the server open the settings in Ligolo > Settings:
From there we then click on save and need to add the cidr of the client by using the "Add IP range" pop-up inside of Ligolo > Add IP range:
Note that if the server is running adding ranges will automatically be added to the routes of the client's machine
We can then start the server by selecting Ligolo > Start server option which will prompt you multiple times for you sudo password to create the routes and the interfaces
After filling in your root password a few times for all of the commands you will then be prompted with the command to access your ligolo server through a tmux session:
From there you can manage your ligolo server. You have now setup the server correctly!
To connect a client after the server is setup you can now select a demon and run the following command:
ligolo-ng
That command will upload the agent.exe file inside of c:\windows\tasks and run it with the arguments to connect to your server:
You can now also view in the server the connection made and you can then interact with it and tunnel your traffic:
Now that I am connected in my example I can ping the machine: