пре 5 година · d5b85b1a25
@@ -0,0 +1,75 @@
+#ifndef PROXYCHANNEL_H
+#define PROXYCHANNEL_H
+
+#include "CovertChannel.h"
+
+/**
+ * @class ForwardChannel
+ *
+ * A CovertChannel which forwards the traffic it captures.
+ */
+class ProxyChannel : public CovertChannel {
+public:
+	/**
+	 * Sets up a CovertChannel.
+	 *
+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
+	 *
+	 * @param innerInterface name of the interface of the inner network
+	 * @param outerInterface name of the interface of the outer network
+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
+	 * @param relayOnly true - server only relays traffic | false - server redirects traffic over another relay
+	 */
+	ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
+	             const std::string &filterIP, const std::string &filterPort, const bool relayOnly);
+
+	/**
+	 * Destroys the CovertChannel.
+	 */
+	virtual ~ProxyChannel();
+
+protected:
+	/**
+	 * Handler for sniffed packets filterd to forward from the outer network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to forward from the inner network.
+	 *
+	 * Handles incoming packets and forwards them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handleChannelFromInner(Tins::PDU &pdu);
+
+	/**
+	 * Handler for sniffed packets filterd to use as channel from the outer network.
+	 *
+	 * Handles incoming packets and redirets them.
+	 *
+	 * @param pdu sniffed packet
+	 *
+	 * @return false = stop loop | true = continue loop
+	 */
+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu);
+
+	/**
+	 * Relay option which activates relay only mode
+	 */
+	const bool relayOnly;
+
+	const Tins::IPv4Address ownAddress;
+	const Tins::IPv4Address partnerAddress;
+	const Tins::IPv4Address filterAddress;
+};
+
+#endif
@@ -0,0 +1,59 @@
+#include "../../include/CovertChannel/ProxyChannel.h"
+#include <iostream>
+
+ProxyChannel::ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
+                           const std::string &filterIP, const std::string &filterPort, const bool relayOnly)
+    : CovertChannel(innerInterface, outerInterface, "not (proto tcp and dst host " + filterIP + " and dst port " + filterPort + ")",
+                    "not ((proto tcp and src host " + filterIP + " and src port " + filterPort + ") or (proto tcp and src host " + partnerIP +
+                        " and src port " + filterPort + ") or (dst host " + ownIP + "))",
+                    "proto tcp and dst host " + filterIP + " and dst port " + filterPort, "proto tcp and src host " + filterIP + " and src port " + filterPort,
+                    "proto tcp and src host " + partnerIP + " and src port " + filterPort),
+      relayOnly(relayOnly), ownAddress(ownIP), partnerAddress(partnerIP), filterAddress(filterIP) {}
+
+ProxyChannel::~ProxyChannel() {}
+
+bool ProxyChannel::handleChannelFromOuter(Tins::PDU &pdu) {
+	// TODO: check in a list how to route it and who send the request for this answer
+
+	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
+	if (relayOnly) {
+		// redirect to partner
+		ip.src_addr(ownAddress);
+		ip.dst_addr(partnerAddress);
+
+		outerSender.send(pdu);
+	} else {
+		// should already be addressed right
+		innerSender.send(pdu);
+	}
+	return true;
+}
+
+bool ProxyChannel::handleChannelFromInner(Tins::PDU &pdu) {
+	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
+	if (relayOnly) {
+		std::cerr << "Fixme: packet cannot be routed back so it's dropped here!!!" << std::endl;
+		// outerSender.send(pdu);
+		// TODO: add pdu to a list to check later how to route it
+	} else {
+		ip.dst_addr(partnerAddress);
+		outerSender.send(pdu);
+	}
+	return true;
+}
+
+bool ProxyChannel::handlePartnerFromOuter(Tins::PDU &pdu) {
+	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
+	if (relayOnly) {
+		// redirect to partner
+		ip.src_addr(ownAddress);
+		ip.dst_addr(filterAddress);
+
+		outerSender.send(pdu);
+	} else {
+		// should already be addressed right
+		ip.src_addr(filterAddress);
+		innerSender.send(pdu);
+	}
+	return true;
+}
@@ -0,0 +1,75 @@
 				+#ifndef PROXYCHANNEL_H
 				+#define PROXYCHANNEL_H
 				+
 				+#include "CovertChannel.h"
 				+
 				+/**
 				+ * @class ForwardChannel
 				+ *
 				+ * A CovertChannel which forwards the traffic it captures.
 				+ */
 				+class ProxyChannel : public CovertChannel {
 				+public:
 				+	/**
 				+	 * Sets up a CovertChannel.
 				+	 *
 				+	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
 				+	 *
 				+	 * @param innerInterface name of the interface of the inner network
 				+	 * @param outerInterface name of the interface of the outer network
 				+	 * @param filter pcap filter string which will be set for the channel sniffers and negated for the forward sniffers
 				+	 * @param relayOnly true - server only relays traffic | false - server redirects traffic over another relay
 				+	 */
 				+	ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
 				+	             const std::string &filterIP, const std::string &filterPort, const bool relayOnly);
 				+
 				+	/**
 				+	 * Destroys the CovertChannel.
 				+	 */
 				+	virtual ~ProxyChannel();
 				+
 				+protected:
 				+	/**
 				+	 * Handler for sniffed packets filterd to forward from the outer network.
 				+	 *
 				+	 * Handles incoming packets and forwards them.
 				+	 *
 				+	 * @param pdu sniffed packet
 				+	 *
 				+	 * @return false = stop loop | true = continue loop
 				+	 */
 				+	virtual bool handleChannelFromOuter(Tins::PDU &pdu);
 				+
 				+	/**
 				+	 * Handler for sniffed packets filterd to forward from the inner network.
 				+	 *
 				+	 * Handles incoming packets and forwards them.
 				+	 *
 				+	 * @param pdu sniffed packet
 				+	 *
 				+	 * @return false = stop loop | true = continue loop
 				+	 */
 				+	virtual bool handleChannelFromInner(Tins::PDU &pdu);
 				+
 				+	/**
 				+	 * Handler for sniffed packets filterd to use as channel from the outer network.
 				+	 *
 				+	 * Handles incoming packets and redirets them.
 				+	 *
 				+	 * @param pdu sniffed packet
 				+	 *
 				+	 * @return false = stop loop | true = continue loop
 				+	 */
 				+	virtual bool handlePartnerFromOuter(Tins::PDU &pdu);
 				+
 				+	/**
 				+	 * Relay option which activates relay only mode
 				+	 */
 				+	const bool relayOnly;
 				+
 				+	const Tins::IPv4Address ownAddress;
 				+	const Tins::IPv4Address partnerAddress;
 				+	const Tins::IPv4Address filterAddress;
 				+};
 				+
 				+#endif
@@ -0,0 +1,59 @@
 				+#include "../../include/CovertChannel/ProxyChannel.h"
 				+#include <iostream>
 				+
 				+ProxyChannel::ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
 				+                           const std::string &filterIP, const std::string &filterPort, const bool relayOnly)
 				+    : CovertChannel(innerInterface, outerInterface, "not (proto tcp and dst host " + filterIP + " and dst port " + filterPort + ")",
 				+                    "not ((proto tcp and src host " + filterIP + " and src port " + filterPort + ") or (proto tcp and src host " + partnerIP +
 				+                        " and src port " + filterPort + ") or (dst host " + ownIP + "))",
 				+                    "proto tcp and dst host " + filterIP + " and dst port " + filterPort, "proto tcp and src host " + filterIP + " and src port " + filterPort,
 				+                    "proto tcp and src host " + partnerIP + " and src port " + filterPort),
 				+      relayOnly(relayOnly), ownAddress(ownIP), partnerAddress(partnerIP), filterAddress(filterIP) {}
 				+
 				+ProxyChannel::~ProxyChannel() {}
 				+
 				+bool ProxyChannel::handleChannelFromOuter(Tins::PDU &pdu) {
 				+	// TODO: check in a list how to route it and who send the request for this answer
 				+
 				+	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
 				+	if (relayOnly) {
 				+		// redirect to partner
 				+		ip.src_addr(ownAddress);
 				+		ip.dst_addr(partnerAddress);
 				+
 				+		outerSender.send(pdu);
 				+	} else {
 				+		// should already be addressed right
 				+		innerSender.send(pdu);
 				+	}
 				+	return true;
 				+}
 				+
 				+bool ProxyChannel::handleChannelFromInner(Tins::PDU &pdu) {
 				+	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
 				+	if (relayOnly) {
 				+		std::cerr << "Fixme: packet cannot be routed back so it's dropped here!!!" << std::endl;
 				+		// outerSender.send(pdu);
 				+		// TODO: add pdu to a list to check later how to route it
 				+	} else {
 				+		ip.dst_addr(partnerAddress);
 				+		outerSender.send(pdu);
 				+	}
 				+	return true;
 				+}
 				+
 				+bool ProxyChannel::handlePartnerFromOuter(Tins::PDU &pdu) {
 				+	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
 				+	if (relayOnly) {
 				+		// redirect to partner
 				+		ip.src_addr(ownAddress);
 				+		ip.dst_addr(filterAddress);
 				+
 				+		outerSender.send(pdu);
 				+	} else {
 				+		// should already be addressed right
 				+		ip.src_addr(filterAddress);
 				+		innerSender.send(pdu);
 				+	}
 				+	return true;
 				+}