
Covert Protocol

The Covert Protocol is the protocol used to communicate over the covert channel. Communication over the covert channels is mainly intended for file transfers.

Bidirectional Covert Protocol

A bidirectional communication which uses commands to manage a file transfer.

A packet is at least 2 bytes long. The first byte is the header, followed by one or more data bytes.

|   1 byte   |       n bytes       |
|   header   |        data         |

Header

A header contains a command and a segment number. Even when the no operation command is used, the segment number must still be counted.

|           8 bit           |
|           header          |

| 2 bit |  3 bit  |  3 bit  |
|  seg  |    -    |   com   |

Command

The command field takes one of the following values:

0x0 no operation
0x1 send file name size
0x2 send file name
0x3 send data size
0x4 send data
0x5 -
0x6 cancel / reset
0x7 error

The sending commands must be sent in the right order, from the lower number to the higher number. A no operation or a cancel / reset command can of course be sent at any time. If the order is not followed, an error answer should be returned.

0x0 no operation

No operation is the command which indicates that nothing is to be done. It simply works as an ACK to signal that the packet was received.

0x1 send file name size

A file name size is a one byte number.

0 < file name size < 256

0x2 send file name

A file name is a string which can be up to 255 bytes long. This command must be looped until the file name is fully transmitted!

0x3 send data size

A data size is a 4 byte unsigned int. This command must be looped until the data size is fully transmitted!

0x4 send data

The data consists of as many bytes as announced in send data size. This command must be looped until the data is fully transmitted!

0x6 cancel / reset

This command resets the transmission. The following segment number is the segment number of the reset packet plus 1.

0x7 error

This command signals that there was an error and the transmission is to be reset. The following segment number is the segment number of the error packet plus 1.

Segment

The segment number is a counter for the packets in the covert channels. The segment number is increased on the passive server side.
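The following is an added example (not code from the original protocol description) that packs and parses the header byte and lets the passive side enforce the command order and the segment numbering described above. It assumes that seg occupies the two most-significant bits of the header and com the three least-significant bits, that the 2-bit seg wraps modulo 4, and that an answer carrying no payload is padded with one 0x00 data byte.

```python
# Added example, not part of the original specification.
# Assumptions: seg = top 2 bits of the header, com = low 3 bits,
# seg wraps modulo 4, answers without payload carry one 0x00 data byte.
NOP, FNAME_SIZE, FNAME, DATA_SIZE, DATA, CANCEL, ERROR = 0, 1, 2, 3, 4, 6, 7
VALID_COMMANDS = {NOP, FNAME_SIZE, FNAME, DATA_SIZE, DATA, CANCEL, ERROR}


def pack_header(seg: int, com: int) -> int:
    """Build the header byte: | 2 bit seg | 3 bit unused | 3 bit com |."""
    if com not in VALID_COMMANDS:
        raise ValueError(f"command {com:#x} is not defined")
    return ((seg & 0x3) << 6) | com


def unpack_header(header: int) -> tuple[int, int]:
    """Return (seg, com) from a header byte; the 3 unused bits are ignored."""
    return (header >> 6) & 0x3, header & 0x7


def build_packet(seg: int, com: int, data: bytes = b"\x00") -> bytes:
    """A packet is one header byte followed by at least one data byte."""
    if len(data) < 1:
        raise ValueError("a packet needs at least one data byte")
    return bytes([pack_header(seg, com)]) + data


def parse_packet(packet: bytes) -> tuple[int, int, bytes]:
    if len(packet) < 2:
        raise ValueError("packet shorter than 2 bytes")
    seg, com = unpack_header(packet[0])
    return seg, com, packet[1:]


class PassiveSide:
    """Receiver (B): acks every packet, enforces 0x1 -> 0x2 -> 0x3 -> 0x4
    (a send command may repeat, i.e. loop, but never go back or skip ahead),
    answers out-of-order commands with error and resets its state."""

    def __init__(self) -> None:
        self.stage = NOP  # last accepted send command; NOP = nothing yet

    def handle(self, packet: bytes) -> bytes:
        seg, com, _ = parse_packet(packet)
        if com in (CANCEL, ERROR):       # both reset the transmission
            self.stage, answer = NOP, NOP
        elif com == NOP:                  # plain ACK, nothing to track
            answer = NOP
        elif FNAME_SIZE <= com <= DATA and com in (self.stage, self.stage + 1):
            self.stage, answer = com, NOP
        else:                             # out of order or undefined (0x5)
            self.stage, answer = NOP, ERROR
        # the passive side answers with the segment number increased by one
        return build_packet(seg + 1, answer)
```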

An example of how the packet exchange might look:

A                       B
seg                   seg
=========================
1 -------------------->
  <-------------------- 2
2 -------------------->
  <-------------------- 3
3 --------- X                Packet lost

3 -------------------->      Retransmission from A
  <-------------------- 4
4 -------------------->
            X --------- 5    Packet lost

            X --------- 5    Retransmission from B
4 --------------------> 4    Retransmission from A
  <-------------------- 5

It might happen that a server is unable to answer, or that none of its answers are transmitted. This case should be handled with the cancel / reset or error command upon reconnection. Maybe the session is recoverable without a reset.

A                       B
seg                   seg
=========================
1 -------------------->
1 -------------------->
1 -------------------->