Proxy Channel might work now

daemon/Daemon-Config-Reference.md

@@ -7,10 +7,22 @@ The config file must be in the same directory from where you run the binary.
 `port`: The port where the server listens. Must be a valid port.<br/>
 `userdatabase`: The file where userdata is stored in format: user;password<br/>
 `filedirectory`: The file directory where the received files will be store. (Folder must exist!!!)<br/>
-`activateCovertChannel`: Set to true to activate covert channel. Won't initialize sniffers and senders if set to false<br/>
+
+#### Covert Channel options
+`covertChannelMode`: Sets the covert channel mode. To deactiveate don't set it or set it to none or false.<br/>
 `innerInterface`: The interface of your inner network<br/>
 `outerInterface`: The interface of your outer network<br/>
-`filter`: pcap filter string to set the filter for the covert channel<br/>
+
+##### Covert Channel Mode `forward`
+There no further config needed. Forward should work out of the pox
+
+##### Covert Channel Mode `proxy`
+`ownIP`: IP of this server<br/>
+`partnerIP`: IP of the partner server. If this is a relay the other cannot be a relay.<br/>
+`targetIP`: IP of the target server of teh covert channel<br/>
+`targetPort`: Port of the target server of the covert channel<br/>
+`relay`: Bool which sets the mode: true - just relays the covert channel | false - uses it's own covert channel<br/>
+
 ### Example for config.txt
 ```
 port=1234

daemon/include/CovertChannel/ProxyChannel.h

@@ -21,7 +21,7 @@ public:
 	 * @param relayOnly true - server only relays traffic | false - server redirects traffic over another relay
 	 */
 	ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
-	             const std::string &filterIP, const std::string &filterPort, const bool relayOnly);
+	             const std::string &originIP, const std::string &targetIP, const std::string &targetPort, const bool relayOnly);
 
 	/**
 	 * Destroys the CovertChannel.
@@ -69,7 +69,8 @@ protected:
 
 	const Tins::IPv4Address ownAddress;
 	const Tins::IPv4Address partnerAddress;
-	const Tins::IPv4Address filterAddress;
+	const Tins::IPv4Address originAddress;
+	const Tins::IPv4Address targetAddress;
 };
 
 #endif

daemon/src/CovertChannel/ProxyChannel.cpp

@@ -2,33 +2,32 @@
 #include <iostream>
 
 ProxyChannel::ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
-                           const std::string &filterIP, const std::string &filterPort, const bool relayOnly)
-    : CovertChannel(innerInterface, outerInterface, "not (tcp and dst host " + filterIP + " and dst port " + filterPort + ")",
+                           const std::string &originIP, const std::string &targetIP, const std::string &targetPort, const bool relayOnly)
+    : CovertChannel(innerInterface, outerInterface, "not (tcp and src host " + originIP + " and dst host " + targetIP + " and dst port " + targetPort + ")",
 
-                    "not ((tcp and src host " + filterIP + " and src port " + filterPort + ") or (proto tcp and src host " + partnerIP + " and src port " +
-                        filterPort + ") or (dst host " + ownIP + "))",
+                    "not (tcp and src host " + targetIP + " and dst host " + ownIP + " and src port " + targetPort + ")",
 
-                    "tcp and dst host " + filterIP + " and dst port " + filterPort,
+                    "tcp and src host " + originIP + " and dst host " + targetIP + " and dst port " + targetPort,
 
-                    "tcp and src host " + filterIP + " and src port " + filterPort,
+                    "tcp and src host " + targetIP + " and dst host " + ownIP + " and src port " + targetPort,
 
-                    "tcp and src host " + partnerIP + " and src port " + filterPort),
-      relayOnly(relayOnly), ownAddress(ownIP), partnerAddress(partnerIP), filterAddress(filterIP) {}
+                    "tcp and src host " + partnerIP + " and dst host " + ownIP + " and src port " + targetPort),
+      relayOnly(relayOnly), ownAddress(ownIP), partnerAddress(partnerIP), originAddress(originIP), targetAddress(targetIP) {}
 
 ProxyChannel::~ProxyChannel() {}
 
 bool ProxyChannel::handleChannelFromOuter(Tins::PDU &pdu) {
 	// TODO: check in a list how to route it and who send the request for this answer
 
-	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
+	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
 	if (relayOnly) {
 		// redirect to partner
 		ip.src_addr(ownAddress);
 		ip.dst_addr(partnerAddress);
-		pdu.inner_pdu(ip);
 		outerSender.send(pdu);
 	} else {
-		// should already be addressed right
+		ip.src_addr(targetAddress);
+		ip.dst_addr(originAddress);
 		innerSender.send(pdu);
 		std::cout << "channel from outer" << std::endl;
 	}
@@ -36,14 +35,14 @@ bool ProxyChannel::handleChannelFromOuter(Tins::PDU &pdu) {
 }
 
 bool ProxyChannel::handleChannelFromInner(Tins::PDU &pdu) {
-	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
+	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
 	if (relayOnly) {
 		std::cerr << "Fixme: packet cannot be routed back so it's dropped here!!!" << std::endl;
 		// outerSender.send(pdu);
 		// TODO: add pdu to a list to check later how to route it
 	} else {
+		ip.src_addr(ownAddress);
 		ip.dst_addr(partnerAddress);
-		pdu.inner_pdu(ip);
 		outerSender.send(pdu);
 		std::cout << "channel from inner" << std::endl;
 	}
@@ -51,17 +50,16 @@ bool ProxyChannel::handleChannelFromInner(Tins::PDU &pdu) {
 }
 
 bool ProxyChannel::handlePartnerFromOuter(Tins::PDU &pdu) {
-	Tins::IP ip = pdu.rfind_pdu<Tins::IP>();
+	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
 	if (relayOnly) {
 		// redirect to partner
 		ip.src_addr(ownAddress);
-		ip.dst_addr(filterAddress);
-		pdu.inner_pdu(ip);
+		ip.dst_addr(targetAddress);
 		outerSender.send(pdu);
 	} else {
 		// should already be addressed right
-		ip.src_addr(filterAddress);
-		pdu.inner_pdu(ip);
+		ip.src_addr(targetAddress);
+		ip.dst_addr(originAddress);
 		innerSender.send(pdu);
 		std::cout << "partner" << std::endl;
 	}

daemon/src/main.cpp

@@ -17,19 +17,27 @@ int main(int argc, char *argv[]) {
 	}
 
 	CovertChannel *covertchannel = nullptr;
-	if (Config::getValue("activateCovertChannel") == "true") {
+	const std::string covertChannelMode = Config::getValue("covertChannelMode");
+	if (covertChannelMode == "proxy") {
 		const string innerInterface = Config::getValue("innerInterface");
 		const string outerInterface = Config::getValue("outerInterface");
 
 		const string ownIP = Config::getValue("ownIP");
 		const string partnerIP = Config::getValue("partnerIP");
-		const string filterIP = Config::getValue("filterIP");
-		const string filterPort = Config::getValue("filterPort");
+		const string originIP = Config::getValue("originIP");
+		const string targetIP = Config::getValue("targetIP");
+		const string targetPort = Config::getValue("targetPort");
 		const string relayMode = Config::getValue("relayMode");
-		covertchannel = new ProxyChannel(innerInterface, outerInterface, ownIP, partnerIP, filterIP, filterPort, relayMode == "true");
+		covertchannel = new ProxyChannel(innerInterface, outerInterface, ownIP, partnerIP, originIP, targetIP, targetPort, relayMode == "true");
 
 		// covertchannel = new ForwardChannel(innerInterface, outerInterface);
 		covertchannel->startSniffing();
+	} else if (covertChannelMode == "forward") {
+		const string innerInterface = Config::getValue("innerInterface");
+		const string outerInterface = Config::getValue("outerInterface");
+
+		covertchannel = new ForwardChannel(innerInterface, outerInterface);
+		covertchannel->startSniffing();
 	}
 
 	// check if userStorage is add specified location