README.md 1.7 KB
CCats - Covert Channels are Tricky Stuff
CCats is a covert channel tool which works as man in the middle. Our motivation is to create a tool which allows you to send files over a covert channel between two controlled servers.
This repository consists of three programs: a server (daemon), a CLI-client and a GUI-client.
The server manages the uploaded files and transmits the files over the covert channel. The clients let you connect and login to the server and upload files and start file transmission over the covert channel.
The basic setup:
A ----------------- ------------------ B
o traffic | | | | traffic o
/|\ ---------| active Server | <== covert channel ==> | passive Server |--------- /|\
\\ | | | | //
----------------- ------------------
||
client connection
||
E ----------
o | |
/|\ | Client |
\\ | |
----------
A views the website of B on Port p and produces traffic between them. E knows that and sets up two servers. The active server is the server E which will be used to send a file to the passive server. E sets the target IP on the active server side to the IP of A and teh target IP on the passive side to the IP of B. The target Port in on both sides set to p. Now E connects to the active server with its client and queues a file for sending over the covert channel. The file transmission will start once A surfs on B's website again.