TCPUrgencyChannel.hpp 3.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. #ifndef TCPURGENCYCHANNEL_H
  2. #define TCPURGENCYCHANNEL_H
  3. #include "CovertChannel.h"
  4. #include "CovertProtocolBidirectional.hpp"
  5. /**
  6. * @class TCPUrgencyChannel
  7. *
  8. * A CovertChannel which hides data in the TCP urgency pointer
  9. *
  10. * @param PASSIVE true - server only reacts to incoming channel | false - server initiates channel
  11. */
  12. template <bool PASSIVE> class TCPUrgencyChannel : public CovertChannel {
  13. public:
  14. /**
  15. * Sets up a CovertChannel.
  16. *
  17. * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
  18. *
  19. * @param innerInterface name of the interface of the inner network
  20. * @param outerInterface name of the interface of the outer network
  21. * @param ownIP IP of this server
  22. * @param targetIP IP of the target server
  23. * @param targetPort Port of the target server
  24. */
  25. TCPUrgencyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &targetIP,
  26. const std::string &targetPort)
  27. : CovertChannel(innerInterface, outerInterface,
  28. "(not (tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") +
  29. " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
  30. "(not (tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") +
  31. " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
  32. "tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") + " port " +
  33. targetPort,
  34. "tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") + " port " +
  35. targetPort) {}
  36. /**
  37. * Destroys the CovertChannel.
  38. */
  39. virtual ~TCPUrgencyChannel() {}
  40. /**
  41. * Send a file over the covert channel.
  42. *
  43. * @param fileName name of the file in the file directory
  44. * @return true - file will be sent | false - file was not accepted
  45. */
  46. virtual bool sendFile(const std::string &fileName) {
  47. if constexpr (PASSIVE) {
  48. return false;
  49. } else {
  50. return protocol.sendFile(fileName);
  51. }
  52. }
  53. protected:
  54. /**
  55. * Handler for sniffed packets filterd to forward from the outer network.
  56. *
  57. * Handles incoming packets and forwards them.
  58. *
  59. * @param pdu sniffed packet
  60. *
  61. * @return false = stop loop | true = continue loop
  62. */
  63. virtual bool handleChannelFromOuter(Tins::PDU &pdu) {
  64. Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();
  65. uint16_t data = tcp.urg_ptr();
  66. protocol.receive((uint8_t *)(&data));
  67. tcp.urg_ptr(0);
  68. innerSender.send(pdu);
  69. return true;
  70. }
  71. /**
  72. * Handler for sniffed packets filterd to forward from the inner network.
  73. *
  74. * Handles incoming packets and forwards them.
  75. *
  76. * @param pdu sniffed packet
  77. *
  78. * @return false = stop loop | true = continue loop
  79. */
  80. virtual bool handleChannelFromInner(Tins::PDU &pdu) {
  81. Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();
  82. uint16_t data = 0;
  83. protocol.send((uint8_t *)(&data));
  84. tcp.urg_ptr(data);
  85. outerSender.send(pdu);
  86. return true;
  87. }
  88. /**
  89. * protocol used to transmit data
  90. */
  91. CovertProtocolBidirectional<2, PASSIVE> protocol;
  92. };
  93. #endif