Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding websockets protocol + additional features #51

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Adding websockets protocol + additional features #51

wants to merge 4 commits into from

Conversation

virusvfv
Copy link

Hi again )
I re-coded my websocket branch according your December commits:

  • Mainly added websocket support. This is very useful when you trying to hide C2 server behind CDN (such as Cloudflare of AWS Cloudfront)
  • Added auto-start agent feature
  • Added httpproxy support. username and password field moved to proxy Url. ex: socks://admin:secret@127.0.0.1:1080 or http://admin:secret@127.0.0.1:8080
  • Added agent sname param to covering you C2 domain by google.com or microsoft.com ))

Please review commits and merge it..
Regards

@virusvfv
Add agent check-in routine. Because agent can be lost anytime (not on…
84548be 
…ly when tunneling is started) we anyway need some routing that periodically checks agents yamux sessions and remove dead agents from session list.
@virusvfv
Add autostart agent on proxy
fa46500 
Add retry timeouton agent
@virusvfv
Add http proxy support
3e2fd3d 
Add websocket protocol
Add User-Agent flag
@virusvfv
Edit README
97732dc 
Add sname
@nicocha30
Copy link
Owner

Hey @virusvfv! Thanks for the PR!
I will review this ASAP

@georak
Copy link

georak commented Mar 15, 2024
edited

@nicocha30 do you have an estimation when you ll be able to merge this? It is an excellent work by @virusvfv which adds some MUST HAVE features!

@Cyb3rC3lt
Copy link

Cyb3rC3lt commented Mar 26, 2024
edited

EDIT: Got this working after getting some added info from @virusvfv
Here is what is required for others to see:

Kali: ./proxy -selfcert -laddr https://0.0.0.0:443
Win10: agent.exe -v -connect https://mydomain.com -ignore-cert

On Cloudflare with noTLSVerify enabled, so no TLS checks (no other settings changed):
mydomain.com tunelling to ---> https://0.0.0.0.0:443

Definitely a brilliant feature for ligolo now I have used it.

=========================================
Original Post:

Maybe this is the best place to put this. I have been testing this Websockets PR today and the auto start works really well and is a nice little addition. Good job.

For the life of me, I couldn't get it connecting to ligolo over Cloudflare either using autocert or selfcert. After downloading the Websockets branch my settings are:

Kali: proxy -selfcert
Win10: agent.exe -v -connect https://mydomain.com -ignore-cert

On Cloudflare with noTLSVerify enabled, so no TLS checks (no other settings changed):
mydomain.com tunelling to ---> tcp://mylocalIP:11601

Errors here:
image
image

Any thoughts would be very welcome as I would like to use Cloudflare on an upcoming engagement. Thanks

@Cyb3rC3lt
Copy link

I have continued to test this heavily and it is great for Cloudflare. I did notice 1 issue. When the autostart flag is used it struggles to receive a 2nd conection and won't open a second session. If I remove the autostart flag the 2nd session arrives without any problems. This is what I eventually see on session 2 when it is struggling:

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@virusvfv @nicocha30 @georak @Cyb3rC3lt