|
|
@@ -4,29 +4,28 @@
|
|
|
#include <tins/tins.h>
|
|
|
|
|
|
/**
|
|
|
- * @class Sniffer
|
|
|
+ * @class CovertChannel
|
|
|
*
|
|
|
- * Sniffs the network.
|
|
|
+ * Sniffs the network, redirects traffic and handles filtered traffic.
|
|
|
*
|
|
|
- * Sniffer class which will sniff on a network interface. It is supposed to
|
|
|
- * forward the packets to an analyzer or modifyer so we can hide data in the
|
|
|
- * traffic.
|
|
|
+ * CovertChannel class which will sniff on two network interfacees. It handles filtered traffic with a virtual handler
|
|
|
+ * function.
|
|
|
*/
|
|
|
class CovertChannel {
|
|
|
public:
|
|
|
/**
|
|
|
- * Creates a Sniffer.
|
|
|
+ * Sets up a CovertChannel.
|
|
|
*
|
|
|
- * Creates a Sniffer and sets the network interface for sniffing.
|
|
|
+ * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
|
|
|
*
|
|
|
- * @param interface name of the interface for sniffing
|
|
|
+ * @param innerInterface name of the interface of the inner network
|
|
|
+ * @param outerInterface name of the interface of the outer network
|
|
|
+ * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
|
|
|
*/
|
|
|
CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter);
|
|
|
|
|
|
/**
|
|
|
- * Destroys the Sniffer.
|
|
|
- *
|
|
|
- * Destructor of the Sniffer.
|
|
|
+ * Destroys the CovertChannel.
|
|
|
*/
|
|
|
virtual ~CovertChannel();
|
|
|
|
|
|
@@ -39,47 +38,108 @@ public:
|
|
|
void startSniffing();
|
|
|
|
|
|
/**
|
|
|
- * Sets a filter for the sniffer.
|
|
|
+ * Sets a filter for the sniffers.
|
|
|
*
|
|
|
- * Sets the filter for a sniffer with a pcap filter string. E.g. "ip
|
|
|
- * dst 8.8.8.8".
|
|
|
+ * Sets the filter for the forward and channel sniffers with a pcap filter string. E.g. "host 8.8.8.8".
|
|
|
+ * The forward filter is the negated filter.
|
|
|
*
|
|
|
- * @param filterString pcap filter string
|
|
|
+ * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
|
|
|
*/
|
|
|
- void setFilter(const std::string &filterString);
|
|
|
+ void setFilter(const std::string &filter);
|
|
|
|
|
|
protected:
|
|
|
/**
|
|
|
- * Handler for sniffed packets.
|
|
|
+ * Handler for sniffed packets filterd to forward from the outer network.
|
|
|
*
|
|
|
- * Handles incoming connections and provides data for the package analyzer and
|
|
|
- * modifyer.
|
|
|
+ * Handles incoming packets and forwards them.
|
|
|
*
|
|
|
* @param pdu sniffed packet
|
|
|
*
|
|
|
* @return false = stop loop | true = continue loop
|
|
|
*/
|
|
|
- // bool handle(Tins::PDU &pdu);
|
|
|
+ bool handleForwardFromOuter(Tins::PDU &pdu);
|
|
|
|
|
|
- bool handleForwardToInner(Tins::PDU &pdu);
|
|
|
- bool handleForwardToOuter(Tins::PDU &pdu);
|
|
|
- virtual bool handleChannelToInner(Tins::PDU &pdu) = 0;
|
|
|
- virtual bool handleChannelToOuter(Tins::PDU &pdu) = 0;
|
|
|
+ /**
|
|
|
+ * Handler for sniffed packets filterd to forward from the inner network.
|
|
|
+ *
|
|
|
+ * Handles incoming packets and forwards them.
|
|
|
+ *
|
|
|
+ * @param pdu sniffed packet
|
|
|
+ *
|
|
|
+ * @return false = stop loop | true = continue loop
|
|
|
+ */
|
|
|
+ bool handleForwardFromInner(Tins::PDU &pdu);
|
|
|
|
|
|
+ /**
|
|
|
+ * Handler for sniffed packets filterd to use as channel from the outer network.
|
|
|
+ *
|
|
|
+ * Handles incoming packets and redirets them.
|
|
|
+ *
|
|
|
+ * @param pdu sniffed packet
|
|
|
+ *
|
|
|
+ * @return false = stop loop | true = continue loop
|
|
|
+ */
|
|
|
+ virtual bool handleChannelFromOuter(Tins::PDU &pdu) = 0;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Handler for sniffed packets filterd to use as channel from the outer network.
|
|
|
+ *
|
|
|
+ * Handles incoming packets and redirets them.
|
|
|
+ *
|
|
|
+ * @param pdu sniffed packet
|
|
|
+ *
|
|
|
+ * @return false = stop loop | true = continue loop
|
|
|
+ */
|
|
|
+ virtual bool handleChannelFromInner(Tins::PDU &pdu) = 0;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Starts the sniffing loop of the inner forward sniffer.
|
|
|
+ */
|
|
|
void startInnerForwardSniffing();
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Starts the sniffing loop of the outer forward sniffer.
|
|
|
+ */
|
|
|
void startOuterForwardSniffing();
|
|
|
|
|
|
+ /**
|
|
|
+ * Starts the sniffing loop of the inner channel sniffer.
|
|
|
+ */
|
|
|
void startInnerChannelSniffing();
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Starts the sniffing loop of the outer channel sniffer.
|
|
|
+ */
|
|
|
void startOuterChannelSniffing();
|
|
|
|
|
|
/**
|
|
|
- * Tins sniffer object.
|
|
|
+ * Tins Sniffer to filter packets to which should be forwarded
|
|
|
*/
|
|
|
Tins::Sniffer *innerForwardSniffer;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Tins Sniffer to filter packets to which should be forwarded
|
|
|
+ */
|
|
|
Tins::Sniffer *outerForwardSniffer;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Tins Sniffer to filter packets to which should be used for the covert channel
|
|
|
+ */
|
|
|
Tins::Sniffer *innerChannelSniffer;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Tins Sniffer to filter packets to which should be used for the covert channel
|
|
|
+ */
|
|
|
Tins::Sniffer *outerChannelSniffer;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Tins PacketSender which sends packets to the inner network
|
|
|
+ */
|
|
|
Tins::PacketSender innerSender;
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Tins PacketSender which sends packets to the outer network
|
|
|
+ */
|
|
|
Tins::PacketSender outerSender;
|
|
|
};
|
|
|
|
Jonas Pflanzer