Home Explore Help
Sign In
tobias.wach
/
CCats
mirror of https://git.rwth-aachen.de/tobias.wach/ccats
1
0
Fork 0
Files Issues 0 Wiki
Tree: 424382f216
Branches Tags
CCats
/
daemon
/
Daemon-Config-Reference.md

Daemon-Config-Reference.md 2.7 KB
History Raw

Daemon configuration

The daemon is configurable by config.txt. The config file must be in the same directory from where you run the binary.

Configuration Values

port: The port where the server listens. Must be a valid port.
interface: The sniffer interface you want to use.
userdatabase: The file where userdata is stored in format: user;password
deleteAllowed: Says if a client is allowed to delete files from its file directory
filedirectory: The directory where files from the clients will be stored and read from
SSLenabled: When set to true, the server will only use and accept SSL connections from clients. Set to false to disable this
SSLcertificate: The certificate file to use for SSL connections
SSLprivatekey: The private key file to use for SSL connections
SSLdhparams: The diffie-hellman file to use for SSL connections

Notes about SSL

To use SSL, certificates, keys and diffie-hellman parameters are required. To generate these, a convenience script createsslfiles.sh is provided. The names of the output files are controlled with variables at the top of the script, modify these if desired. Assuming default names, place the user.crt, user.key and dh2048.pem files somewhere convenient and configure the server accordingly. Place the rootca.crt certificate in the directory you intend to run the client from.

If you get an error about SSL related files not being found despite them existing, shorten the names of the files. If you cannot connect and the server prints a error related to TLSv1, ensure your version of boost and OpenSSL are up to date.

Covert Channel options

covertChannelMode: Sets the covert channel mode. To deactiveate don't set it or set it to none or false.
innerInterface: The interface of your inner network
outerInterface: The interface of your outer network
targetIP: IP of the target server
targetPort: Port of the target server
passiveMode: true - server only reacts to incoming channel | false - server initiates channel

Covert Channel Modes

There are several covert channel modes which will transmit data in other ways. forward: no data transmission
tcpurgency: uses the TCP urgency pointer
tcpoptiontimestamp: uses the TCP option Timestamp to transmit data. WARNING: most OSs use the timestamp so you should not use this option.
tcpappend: appends the data to the payload of a TCP packet
tcpoptioncustom: writes data in a custom option field

Example for config.txt

port=1234
userdatabase=userStorage.txt
filedirectory=./files/
deleteAllowed=true
SSLenabled=true
SSLcertificate=user.crt
SSLprivatekey=user.key
SSLdhparams=dh2048.pem
activateCovertChannel=false