Forward channel works, Proxy channel is garbage

daemon/include/CovertChannel/CovertChannel.h

@@ -20,9 +20,15 @@ public:
 	 *
 	 * @param innerInterface name of the interface of the inner network
 	 * @param outerInterface name of the interface of the outer network
-	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param innerForwardFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param outerForwardFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param innerChannelFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param outerChannelFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param outerPartnerFilter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 	 */
-	CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter);
+	CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &innerForwardFilter = "",
+	              const std::string &outerForwardFilter = "", const std::string &innerChannelFilter = "", const std::string &outerChannelFilter = "",
+	              const std::string &outerPartnerFilter = "");
 
 	/**
 	 * Destroys the CovertChannel.
@@ -45,7 +51,8 @@ public:
 	 *
 	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 	 */
-	void setFilter(const std::string &filter);
+	void setFilter(const std::string &innerForwardFilter = "", const std::string &outerForwardFilter = "", const std::string &innerChannelFilter = "",
+	               const std::string &outerChannelFilter = "", const std::string &outerPartnerFilter = "");
 
 protected:
 	/**
@@ -92,6 +99,17 @@ protected:
 	 */
 	virtual bool handleChannelFromInner(Tins::PDU &pdu) = 0;
 
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu) = 0;
+
 	/**
 	 * Starts the sniffing loop of the inner forward sniffer.
 	 */
@@ -112,6 +130,11 @@ protected:
 	 */
 	void startOuterChannelSniffing();
 
+	/**
+	 * Starts the sniffing loop of the outer partner sniffer.
+	 */
+	void startOuterPartnerSniffing();
+
 	/**
 	 * Tins Sniffer to filter packets to which should be forwarded
 	 */
@@ -132,6 +155,11 @@ protected:
 	 */
 	Tins::Sniffer *outerChannelSniffer;
 
+	/**
+	 * Tins Sniffer to filter packets to which should be used for the covert channel
+	 */
+	Tins::Sniffer *outerPartnerSniffer;
+
 	/**
 	 * Tins PacketSender which sends packets to the inner network
 	 */

daemon/include/CovertChannel/ForwardChannel.h

@@ -19,7 +19,7 @@ public:
 	 * @param outerInterface name of the interface of the outer network
 	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 	 */
-	ForwardChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter);
+	ForwardChannel(const std::string &innerInterface, const std::string &outerInterface);
 
 	/**
 	 * Destroys the CovertChannel.
@@ -48,6 +48,17 @@ protected:
 	 * @return false = stop loop | true = continue loop
 	 */
 	virtual bool handleChannelFromInner(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu);
 };
 
 #endif

daemon/src/CMakeLists.txt

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 2.8)
 
 set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
 
-add_executable(ccats src/main.cpp src/Server.cpp src/base64.cpp src/JsonCommander.cpp src/FileManager.cpp src/UserManager.cpp src/Config.cpp src/CovertChannel/CovertChannel.cpp src/CovertChannel/ForwardChannel.cpp)
+add_executable(ccats src/main.cpp src/Server.cpp src/base64.cpp src/JsonCommander.cpp src/FileManager.cpp src/UserManager.cpp src/Config.cpp src/CovertChannel/CovertChannel.cpp src/CovertChannel/ForwardChannel.cpp src/CovertChannel/ProxyChannel.cpp)
 
 # dependencies used by server only
 find_package(libtins 4.2 REQUIRED)

daemon/src/CovertChannel/CovertChannel.cpp

@@ -3,25 +3,24 @@
 #include <iostream>
 #include <thread>
 
-CovertChannel::CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter)
+CovertChannel::CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &innerForwardFilter,
+                             const std::string &outerForwardFilter, const std::string &innerChannelFilter, const std::string &outerChannelFilter,
+                             const std::string &outerPartnerFilter)
     : innerSender(innerInterface), outerSender(outerInterface) {
-	Tins::SnifferConfiguration forwardConfig;
-	forwardConfig.set_promisc_mode(true);
-	forwardConfig.set_immediate_mode(true);
-	forwardConfig.set_direction(PCAP_D_IN);
-	forwardConfig.set_snap_len(1500);
-	forwardConfig.set_filter("not (" + filter + ")");
-
-	Tins::SnifferConfiguration channelConfig;
-	channelConfig.set_promisc_mode(true);
-	channelConfig.set_immediate_mode(true);
-	channelConfig.set_direction(PCAP_D_IN);
-	channelConfig.set_snap_len(1500);
-	channelConfig.set_filter(filter);
+	Tins::SnifferConfiguration config;
+	config.set_promisc_mode(true);
+	config.set_immediate_mode(true);
+	config.set_direction(PCAP_D_IN);
+	config.set_snap_len(1500);
 
 	try {
-		innerForwardSniffer = new Tins::Sniffer(innerInterface, forwardConfig);
-		outerForwardSniffer = new Tins::Sniffer(outerInterface, forwardConfig);
+		innerForwardSniffer = new Tins::Sniffer(innerInterface, config);
+		outerForwardSniffer = new Tins::Sniffer(outerInterface, config);
+		innerChannelSniffer = new Tins::Sniffer(innerInterface, config);
+		outerChannelSniffer = new Tins::Sniffer(outerInterface, config);
+		outerPartnerSniffer = new Tins::Sniffer(outerInterface, config);
+
+		setFilter(innerForwardFilter, outerForwardFilter, innerChannelFilter, outerChannelFilter, outerPartnerFilter);
 	} catch (const Tins::pcap_error &e) {
 		std::cerr << "An error accured setting up the sniffer: " << e.what() << std::endl;
 		std::exit(EXIT_FAILURE);
@@ -33,17 +32,35 @@ CovertChannel::~CovertChannel() {
 	outerForwardSniffer->stop_sniff();
 	innerChannelSniffer->stop_sniff();
 	outerChannelSniffer->stop_sniff();
+	outerPartnerSniffer->stop_sniff();
 	delete (innerForwardSniffer);
 	delete (outerForwardSniffer);
 	delete (innerChannelSniffer);
 	delete (outerChannelSniffer);
+	delete (outerPartnerSniffer);
+}
+
+void CovertChannel::setFilter(const std::string &innerForwardFilter, const std::string &outerForwardFilter, const std::string &innerChannelFilter,
+                              const std::string &outerChannelFilter, const std::string &outerPartnerFilter) {
+	innerForwardSniffer->set_filter(innerForwardFilter);
+	outerForwardSniffer->set_filter(outerForwardFilter);
+	innerChannelSniffer->set_filter(innerChannelFilter);
+	outerChannelSniffer->set_filter(outerChannelFilter);
+	outerPartnerSniffer->set_filter(outerPartnerFilter);
 }
 
 void CovertChannel::startSniffing() {
-	std::thread innerSnifferThread(&CovertChannel::startInnerForwardSniffing, this);
-	std::thread outerSnifferThread(&CovertChannel::startOuterForwardSniffing, this);
-	innerSnifferThread.detach();
-	outerSnifferThread.detach();
+	std::thread innerForwardSnifferThread(&CovertChannel::startInnerForwardSniffing, this);
+	std::thread outerForwardSnifferThread(&CovertChannel::startOuterForwardSniffing, this);
+	std::thread innerChannelSnifferThread(&CovertChannel::startInnerChannelSniffing, this);
+	std::thread outerChannelSnifferThread(&CovertChannel::startOuterChannelSniffing, this);
+	std::thread outerPartnerSnifferThread(&CovertChannel::startOuterPartnerSniffing, this);
+
+	innerForwardSnifferThread.detach();
+	outerForwardSnifferThread.detach();
+	innerChannelSnifferThread.detach();
+	outerChannelSnifferThread.detach();
+	outerPartnerSnifferThread.detach();
 }
 
 void CovertChannel::startInnerForwardSniffing() { innerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardFromInner)); }
@@ -54,12 +71,7 @@ void CovertChannel::startInnerChannelSniffing() { innerChannelSniffer->sniff_loo
 
 void CovertChannel::startOuterChannelSniffing() { outerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelFromOuter)); }
 
-void CovertChannel::setFilter(const std::string &filterString) {
-	innerForwardSniffer->set_filter("not (" + filterString + ")");
-	outerForwardSniffer->set_filter("not (" + filterString + ")");
-	innerChannelSniffer->set_filter(filterString);
-	outerChannelSniffer->set_filter(filterString);
-}
+void CovertChannel::startOuterPartnerSniffing() { outerPartnerSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handlePartnerFromOuter)); }
 
 bool CovertChannel::handleForwardFromOuter(Tins::PDU &pdu) {
 	innerSender.send(pdu);

daemon/src/CovertChannel/ForwardChannel.cpp

@@ -1,16 +1,11 @@
 #include "../../include/CovertChannel/ForwardChannel.h"
 
-ForwardChannel::ForwardChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter)
-    : CovertChannel(innerInterface, outerInterface, filter) {}
+ForwardChannel::ForwardChannel(const std::string &innerInterface, const std::string &outerInterface) : CovertChannel(innerInterface, outerInterface) {}
 
 ForwardChannel::~ForwardChannel() {}
 
-bool ForwardChannel::handleChannelFromOuter(Tins::PDU &pdu) {
-	innerSender.send(pdu);
-	return true;
-}
+bool ForwardChannel::handleChannelFromOuter(Tins::PDU &pdu) { return false; }
 
-bool ForwardChannel::handleChannelFromInner(Tins::PDU &pdu) {
-	outerSender.send(pdu);
-	return true;
-}
+bool ForwardChannel::handleChannelFromInner(Tins::PDU &pdu) { return false; }
+
+bool ForwardChannel::handlePartnerFromOuter(Tins::PDU &pdu) { return false; }

daemon/src/main.cpp

@@ -19,8 +19,16 @@ int main(int argc, char *argv[]) {
 	if (Config::getValue("activateCovertChannel") == "true") {
 		const string innerInterface = Config::getValue("innerInterface");
 		const string outerInterface = Config::getValue("outerInterface");
-		const string filter = Config::getValue("filter");
-		covertchannel = new ForwardChannel(innerInterface, outerInterface, filter);
+		/*
+		const string ownIP = Config::getValue("ownIP");
+		const string partnerIP = Config::getValue("partnerIP");
+		const string filterIP = Config::getValue("filterIP");
+		const string filterPort = Config::getValue("filterPort");
+		const string relayMode = Config::getValue("relayMode");
+		covertchannel = new ProxyChannel(innerInterface, outerInterface, ownIP, partnerIP, filterIP, filterPort, relayMode == "true");
+		*/
+		covertchannel = new ForwardChannel(innerInterface, outerInterface);
+		covertchannel->startSniffing();
 	}
 
 	// check if userStorage is add specified location