
Merge branch '85-us46-cover-channel-method-append' into 'develop'

US46: Cover Channel Method - Append

Closes #85

See merge request tobias.wach/ccats!80
Sander, Paul 4 years ago
parent
commit
aa0b49f214

+ 1 - 0
daemon/include/CovertChannel/CovertProtocol.hpp

@@ -76,6 +76,7 @@ public:
 
 		switch (state) {
 		case ProtocolState::idle:
+			data[0] = 0;
 			return;
 
 		case ProtocolState::fileNameSize:

+ 133 - 0
daemon/include/CovertChannel/TCPAppendChannel.hpp

@@ -0,0 +1,133 @@
+#ifndef TCPAPPENDCHANNEL_H
+#define TCPAPPENDCHANNEL_H
+
+#include "CovertChannel.h"
+
+#include "CovertProtocolBidirectional.hpp"
+
+/**
+ * @class TCPAppendChannel
+ *
+ * A CovertChannel which appends data to the TCP payload
+ *
+ * @param N number of bytes which can be used to transmit data
+ * @param PASSIVE true - server only reacts to incoming channel | false - server initiates channel
+ */
+template <int N, bool PASSIVE> class TCPAppendChannel : public CovertChannel {
+public:
+	/**
+	 * Sets up a CovertChannel.
+	 *
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
+	 *
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param ownIP IP of this server
+	 * @param targetIP IP of the target server
+	 * @param targetPort Port of the target server
+	 */
+	TCPAppendChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &targetIP,
+	                 const std::string &targetPort)
+	    : CovertChannel(innerInterface, outerInterface,
+	                    "(not (tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") +
+	                        " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
+	                    "(not (tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") +
+	                        " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
+	                    "tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") + " port " +
+	                        targetPort,
+	                    "tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") + " port " +
+	                        targetPort) {}
+
+	/**
+	 * Destroys the CovertChannel.
+	 */
+	virtual ~TCPAppendChannel() {}
+
+	/**
+	 * Send a file over the covert channel.
+	 *
+	 * @param fileName name of the file in the file directory
+	 * @return true - file will be sent | false - file was not accepted
+	 */
+	virtual bool sendFile(const std::string &fileName) {
+		if constexpr (PASSIVE) {
+			return false;
+		} else {
+			return protocol.sendFile(fileName);
+		}
+	}
+
+protected:
+	/**
+	 * Handler for sniffed packets filterd to forward from the outer network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu) {
+		Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();
+
+		// get payload
+		Tins::RawPDU *raw = tcp.find_pdu<Tins::RawPDU>();
+		if (raw != nullptr) {
+			Tins::RawPDU::payload_type &payload = raw->payload();
+
+			// read data from payload
+			std::size_t size = payload.size();
+			uint8_t *data = &payload.front();
+			data += size - N;
+
+			protocol.receive(data);
+
+			// resize payload
+			payload.resize(size - N);
+		}
+
+		innerSender.send(pdu);
+
+		return true;
+	}
+
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu) {
+		Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();
+
+		// get payload
+		Tins::RawPDU *raw = tcp.find_pdu<Tins::RawPDU>();
+		if (raw != nullptr) {
+			Tins::RawPDU::payload_type &payload = raw->payload();
+
+			// resize payload
+			std::size_t size = payload.size();
+			payload.resize(size + N);
+
+			// write data in payload
+			uint8_t *data = &payload.front();
+			data += size;
+
+			protocol.send(data);
+		}
+
+		outerSender.send(pdu);
+
+		return true;
+	}
+
+	/**
+	 * protocol used to transmit data
+	 */
+	CovertProtocolBidirectional<N, PASSIVE> protocol;
+};
+
+#endif
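Review bot: `handleChannelFromOuter` subtracts `N` from the payload size without first checking that the payload holds at least `N` bytes. For a shorter segment `size - N` wraps around as an unsigned value, so `data` points outside the buffer when `protocol.receive(data)` reads it, and `payload.resize(size - N)` then requests an enormous size. Every packet that matches the capture filter reaches this path, whether or not the peer appended a trailer, so the guard should be `if (raw != nullptr && raw->payload().size() >= static_cast<std::size_t>(N))`, with shorter segments forwarded unchanged. Since `N` is declared as `int`, a `static_assert(N > 0, "N must be positive");` in the class would also rule out a zero or negative trailer length at compile time.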

+ 3 - 1
daemon/src/FileManager.cpp

@@ -5,7 +5,9 @@
 
 #include "../include/Config.h"
 
-FileManager::FileManager() : deleteAllowed(Config::getValue("deleteAllowed") == "true"), fileDirectory(Config::getValue("filedirectory") + ((Config::getValue("filedirectory").back() != '/') ? "/" : "" )) {}
+FileManager::FileManager()
+    : deleteAllowed(Config::getValue("deleteAllowed") == "true"),
+      fileDirectory(Config::getValue("filedirectory") + ((Config::getValue("filedirectory").back() != '/') ? "/" : "")) {}
 
 FileManager::~FileManager() {
 	cancelPut();

+ 16 - 0
daemon/src/main.cpp

@@ -3,6 +3,7 @@
 #include "../include/Config.h"
 #include "../include/CovertChannel/CovertChannel.h"
 #include "../include/CovertChannel/ForwardChannel.h"
+#include "../include/CovertChannel/TCPAppendChannel.hpp"
 #include "../include/CovertChannel/TCPOptionTimestampChannel.hpp"
 #include "../include/CovertChannel/TCPUrgencyChannel.hpp"
 #include "../include/Server.h"
@@ -41,6 +42,21 @@ int main(int argc, char *argv[]) {
 
 		// covertchannel = new ForwardChannel(innerInterface, outerInterface);
 		covertchannel->startSniffing();
+	} else if (covertChannelMode == "tcpappend") {
+		const string innerInterface = Config::getValue("innerInterface");
+		const string outerInterface = Config::getValue("outerInterface");
+
+		const string ownIP = Config::getValue("ownIP");
+		const string targetIP = Config::getValue("targetIP");
+		const string targetPort = Config::getValue("targetPort");
+		const string passiveMode = Config::getValue("passiveMode");
+		const string sendFile = Config::getValue("sendFile");
+
+		if (passiveMode == "true") {
+			covertchannel = new TCPAppendChannel<8, true>(innerInterface, outerInterface, ownIP, targetIP, targetPort);
+		} else {
+			covertchannel = new TCPAppendChannel<8, false>(innerInterface, outerInterface, ownIP, targetIP, targetPort);
+		}
 	} else if (covertChannelMode == "tcpoptiontimestamp") {
 		const string innerInterface = Config::getValue("innerInterface");
 		const string outerInterface = Config::getValue("outerInterface");
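Review bot: In the new `tcpappend` branch `sendFile` is read from the config but never used, and the branch does not call `covertchannel->startSniffing()` as the branch directly above it does. Unless both happen after the if/else chain, which lies outside this hunk, the channel is constructed but never started and a configured file is never queued. If that is the case, end the branch with `covertchannel->startSniffing();` and, for the non-passive case, `if (!sendFile.empty()) covertchannel->sendFile(sendFile);`, assuming the base class exposes `sendFile`. Otherwise drop the unused local. A short comment on why the trailer length is fixed at `8` in both `TCPAppendChannel<8, ...>` instantiations would also help, since both endpoints have to agree on it.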