|
|
@@ -4,15 +4,15 @@ The daemon is configurable by config.txt.
|
|
|
The config file must be in the same directory from where you run the binary.
|
|
|
|
|
|
### Configuration Values
|
|
|
-`port` : The port where the server listens. Must be a valid port.
|
|
|
-`interface` : The sniffer interface you want to use.
|
|
|
-`userdatabase` : The file where userdata is stored in format: user;password
|
|
|
-`deleteAllowed` : Says if a client is allowed to delete files from its file directory
|
|
|
-`filedirectory` : The directory where files from the clients will be stored and read from
|
|
|
-`SSLenabled` : When set to true, the server will only use and accept SSL connections from clients. Set to false to disable this
|
|
|
-`SSLcertificate` : The certificate file to use for SSL connections
|
|
|
-`SSLprivatekey` : The private key file to use for SSL connections
|
|
|
-`SSLdhparams` : The diffie-hellman file to use for SSL connections
|
|
|
+`port`: The port where the server listens. Must be a valid port.<br/>
|
|
|
+`interface`: The sniffer interface you want to use.<br/>
|
|
|
+`userdatabase`: The file where userdata is stored in format: user;password<br/>
|
|
|
+`deleteAllowed`: Says if a client is allowed to delete files from its file directory<br/>
|
|
|
+`filedirectory`: The directory where files from the clients will be stored and read from<br/>
|
|
|
+`SSLenabled`: When set to true, the server will only use and accept SSL connections from clients. Set to false to disable this<br/>
|
|
|
+`SSLcertificate`: The certificate file to use for SSL connections<br/>
|
|
|
+`SSLprivatekey`: The private key file to use for SSL connections<br/>
|
|
|
+`SSLdhparams`: The diffie-hellman file to use for SSL connections<br/>
|
|
|
|
|
|
### Notes about SSL
|
|
|
To use SSL, certificates, keys and diffie-hellman parameters are required. To generate these, a convenience script `createsslfiles.sh` is provided.
|
|
|
@@ -27,16 +27,18 @@ If you cannot connect and the server prints a error related to TLSv1, ensure you
|
|
|
`covertChannelMode`: Sets the covert channel mode. To deactiveate don't set it or set it to none or false.<br/>
|
|
|
`innerInterface`: The interface of your inner network<br/>
|
|
|
`outerInterface`: The interface of your outer network<br/>
|
|
|
-
|
|
|
-##### Covert Channel Mode `forward`
|
|
|
-There no further config needed. Forward should work out of the box
|
|
|
-
|
|
|
-##### Covert Channel Mode `tcpurgency`<br/>
|
|
|
-`ownIP`: IP of this server<br/>
|
|
|
`targetIP`: IP of the target server<br/>
|
|
|
`targetPort`: Port of the target server<br/>
|
|
|
`passiveMode`: true - server only reacts to incoming channel | false - server initiates channel<br/>
|
|
|
-`sendFile`: file name in file directory of the file which will be sent after starting the server<br/>
|
|
|
+
|
|
|
+##### Covert Channel Modes
|
|
|
+There are several covert channel modes which will transmit data in other ways.
|
|
|
+`forward`: no data transmission<br/>
|
|
|
+`tcpurgency`: uses the TCP urgency pointer<br/>
|
|
|
+`tcpoptiontimestamp`: uses the TCP option Timestamp to transmit data. WARNING: most OSs use the timestamp so you should not use this option.<br/>
|
|
|
+`tcpappend`: appends the data to the payload of a TCP packet<br/>
|
|
|
+`tcpoptioncustom`: writes data in a custom option field<br/>
|
|
|
+
|
|
|
|
|
|
### Example for config.txt
|
|
|
```
|
Jonas Pflanzer