CCats/daemon/include/CovertChannel/TCPOptionTimestampChannel.hpp

#ifndef TCPOPTIONTIMESTAMPCHANNEL_H
#define TCPOPTIONTIMESTAMPCHANNEL_H

#include "CovertChannel.h"
#include "CovertProtocolBidirectional.hpp"

#include <utility>

/**
 * @class TCPOptionTimestampChannel
 *
 * A CovertChannel which hides data in the TCP timestamp option field.
 *
 * @warning Only use on connections which will never use the timestamp option on their own!!!
 *
 * @param PASSIVE true - server only reacts to incoming channel | false - server initiates channel
 */
template <bool PASSIVE> class TCPOptionTimestampChannel : public CovertChannel {
public:
	/**
	 * Sets up a CovertChannel.
	 *
	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
	 *
	 * @param innerInterface name of the interface of the inner network
	 * @param outerInterface name of the interface of the outer network
	 * @param ownIP IP of this server
	 * @param targetIP IP of the target server
	 * @param targetPort Port of the target server
	 */
	TCPOptionTimestampChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &targetIP,
	                          const std::string &targetPort)
	    : CovertChannel(innerInterface, outerInterface,
	                    "(not (tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") +
	                        " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
	                    "(not (tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") +
	                        " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
	                    "tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") + " port " +
	                        targetPort,
	                    "tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") + " port " +
	                        targetPort) {}

	/**
	 * Destroys the CovertChannel.
	 */
	virtual ~TCPOptionTimestampChannel() {}

	/**
	 * Send a file over the covert channel.
	 *
	 * @param fileName name of the file in the file directory
	 * @return true - file will be sent | false - file was not accepted
	 */
	virtual bool sendFile(const std::string &fileName) {
		if constexpr (PASSIVE) {
			return false;
		} else {
			return protocol.sendFile(fileName);
		}
	}

protected:
	/**
	 * Handler for sniffed packets filterd to forward from the outer network.
	 *
	 * Handles incoming packets and forwards them.
	 *
	 * @param pdu sniffed packet
	 *
	 * @return false = stop loop | true = continue loop
	 */
	virtual bool handleChannelFromOuter(Tins::PDU &pdu) {
		Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();

		std::pair<uint32_t, uint32_t> timestamp = tcp.timestamp();
		uint64_t data = ((uint64_t)timestamp.first) << 32 | timestamp.second;
		protocol.receive((uint8_t *)(&data));
		tcp.remove_option(Tins::TCP::OptionTypes::TSOPT);
		innerSender.send(pdu);

		return true;
	}

	/**
	 * Handler for sniffed packets filterd to forward from the inner network.
	 *
	 * Handles incoming packets and forwards them.
	 *
	 * @param pdu sniffed packet
	 *
	 * @return false = stop loop | true = continue loop
	 */
	virtual bool handleChannelFromInner(Tins::PDU &pdu) {
		Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();

		uint64_t data = 0;
		protocol.send((uint8_t *)(&data));
		tcp.timestamp(data >> 32, data);
		outerSender.send(pdu);

		return true;
	}

	/**
	 * protocol used to transmit data
	 */
	CovertProtocolBidirectional<8, PASSIVE> protocol;
};

#endif