Covert Channel documentation

daemon/include/CovertChannel/CovertChannel.h

@@ -4,29 +4,28 @@
 #include <tins/tins.h>
 
 /**
- * @class Sniffer
+ * @class CovertChannel
  *
- * Sniffs the network.
+ * Sniffs the network, redirects traffic and handles filtered traffic.
  *
- * Sniffer class which will sniff on a network interface. It is supposed to
- * forward the packets to an analyzer or modifyer so we can hide data in the
- * traffic.
+ * CovertChannel class which will sniff on two network interfacees. It handles filtered traffic with a virtual handler
+ * function.
  */
 class CovertChannel {
 public:
 	/**
-	 * Creates a Sniffer.
+	 * Sets up a CovertChannel.
 	 *
-	 * Creates a Sniffer and sets the network interface for sniffing.
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
 	 *
-	 * @param interface name of the interface for sniffing
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 	 */
 	CovertChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter);
 
 	/**
-	 * Destroys the Sniffer.
-	 *
-	 * Destructor of the Sniffer.
+	 * Destroys the CovertChannel.
 	 */
 	virtual ~CovertChannel();
 
@@ -39,47 +38,108 @@ public:
 	void startSniffing();
 
 	/**
-	 * Sets a filter for the sniffer.
+	 * Sets a filter for the sniffers.
 	 *
-	 * Sets the filter for a sniffer with a pcap filter string. E.g. "ip
-	 * dst 8.8.8.8".
+	 * Sets the filter for the forward and channel sniffers with a pcap filter string. E.g. "host 8.8.8.8".
+	 * The forward filter is the negated filter.
 	 *
-	 * @param filterString pcap filter string
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 	 */
-	void setFilter(const std::string &filterString);
+	void setFilter(const std::string &filter);
 
 protected:
 	/**
-	 * Handler for sniffed packets.
+	 * Handler for sniffed packets filterd to forward from the outer network.
 	 *
-	 * Handles incoming connections and provides data for the package analyzer and
-	 * modifyer.
+	 * Handles incoming packets and forwards them.
 	 *
 	 * @param pdu sniffed packet
 	 *
 	 * @return false = stop loop | true = continue loop
 	 */
-	// bool handle(Tins::PDU &pdu);
+	bool handleForwardFromOuter(Tins::PDU &pdu);
 
-	bool handleForwardToInner(Tins::PDU &pdu);
-	bool handleForwardToOuter(Tins::PDU &pdu);
-	virtual bool handleChannelToInner(Tins::PDU &pdu) = 0;
-	virtual bool handleChannelToOuter(Tins::PDU &pdu) = 0;
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	bool handleForwardFromInner(Tins::PDU &pdu);
 
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu) = 0;
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu) = 0;
+
+	/**
+	 * Starts the sniffing loop of the inner forward sniffer.
+	 */
 	void startInnerForwardSniffing();
+
+	/**
+	 * Starts the sniffing loop of the outer forward sniffer.
+	 */
 	void startOuterForwardSniffing();
 
+	/**
+	 * Starts the sniffing loop of the inner channel sniffer.
+	 */
 	void startInnerChannelSniffing();
+
+	/**
+	 * Starts the sniffing loop of the outer channel sniffer.
+	 */
 	void startOuterChannelSniffing();
 
 	/**
-	 * Tins sniffer object.
+	 * Tins Sniffer to filter packets to which should be forwarded
 	 */
 	Tins::Sniffer *innerForwardSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be forwarded
+	 */
 	Tins::Sniffer *outerForwardSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be used for the covert channel
+	 */
 	Tins::Sniffer *innerChannelSniffer;
+
+	/**
+	 * Tins Sniffer to filter packets to which should be used for the covert channel
+	 */
 	Tins::Sniffer *outerChannelSniffer;
+
+	/**
+	 * Tins PacketSender which sends packets to the inner network
+	 */
 	Tins::PacketSender innerSender;
+
+	/**
+	 * Tins PacketSender which sends packets to the outer network
+	 */
 	Tins::PacketSender outerSender;
 };
 

daemon/include/CovertChannel/ForwardChannel.h

@@ -4,35 +4,50 @@
 #include "CovertChannel.h"
 
 /**
- * @class Sniffer
+ * @class ForwardChannel
  *
- * Sniffs the network.
- *
- * Sniffer class which will sniff on a network interface. It is supposed to
- * forward the packets to an analyzer or modifyer so we can hide data in the
- * traffic.
+ * A CovertChannel which forwards the traffic it captures.
  */
 class ForwardChannel : public CovertChannel {
 public:
 	/**
-	 * Creates a Sniffer.
+	 * Sets up a CovertChannel.
 	 *
-	 * Creates a Sniffer and sets the network interface for sniffing.
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
 	 *
-	 * @param interface name of the interface for sniffing
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 	 */
 	ForwardChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &filter);
 
 	/**
-	 * Destroys the Sniffer.
-	 *
-	 * Destructor of the Sniffer.
+	 * Destroys the CovertChannel.
 	 */
 	virtual ~ForwardChannel();
 
 protected:
-	virtual bool handleChannelToInner(Tins::PDU &pdu);
-	virtual bool handleChannelToOuter(Tins::PDU &pdu);
+	/**
+	 * Handler for sniffed packets filterd to forward from the outer network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu);
 };
 
 #endif

daemon/src/CovertChannel/CovertChannel.cpp

@@ -46,13 +46,13 @@ void CovertChannel::startSniffing() {
 	outerSnifferThread.detach();
 }
 
-void CovertChannel::startInnerForwardSniffing() { innerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardToOuter)); }
+void CovertChannel::startInnerForwardSniffing() { innerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardFromInner)); }
 
-void CovertChannel::startOuterForwardSniffing() { outerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardToInner)); }
+void CovertChannel::startOuterForwardSniffing() { outerForwardSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleForwardFromOuter)); }
 
-void CovertChannel::startInnerChannelSniffing() { innerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelToOuter)); }
+void CovertChannel::startInnerChannelSniffing() { innerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelFromInner)); }
 
-void CovertChannel::startOuterChannelSniffing() { outerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelToInner)); }
+void CovertChannel::startOuterChannelSniffing() { outerChannelSniffer->sniff_loop(make_sniffer_handler(this, &CovertChannel::handleChannelFromOuter)); }
 
 void CovertChannel::setFilter(const std::string &filterString) {
 	innerForwardSniffer->set_filter("not (" + filterString + ")");
@@ -61,13 +61,13 @@ void CovertChannel::setFilter(const std::string &filterString) {
 	outerChannelSniffer->set_filter(filterString);
 }
 
-bool CovertChannel::handleForwardToInner(Tins::PDU &pdu) {
+bool CovertChannel::handleForwardFromOuter(Tins::PDU &pdu) {
 	innerSender.send(pdu);
 
 	return true;
 }
 
-bool CovertChannel::handleForwardToOuter(Tins::PDU &pdu) {
+bool CovertChannel::handleForwardFromInner(Tins::PDU &pdu) {
 	outerSender.send(pdu);
 
 	return true;

daemon/src/CovertChannel/ForwardChannel.cpp

@@ -5,12 +5,12 @@ ForwardChannel::ForwardChannel(const std::string &innerInterface, const std::str
 
 ForwardChannel::~ForwardChannel() {}
 
-bool ForwardChannel::handleChannelToInner(Tins::PDU &pdu) {
+bool ForwardChannel::handleChannelFromOuter(Tins::PDU &pdu) {
 	innerSender.send(pdu);
 	return true;
 }
 
-bool ForwardChannel::handleChannelToOuter(Tins::PDU &pdu) {
+bool ForwardChannel::handleChannelFromInner(Tins::PDU &pdu) {
 	outerSender.send(pdu);
 	return true;
 }