tobias.wach/CCats: Mirror of Covert Channel Application on the RWTH Aachen GitLab. @ 99263a8448e70c3e52b3a50af98167929819c327

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112

#ifndef TCPURGENCYCHANNEL_H
#define TCPURGENCYCHANNEL_H

#include "CovertChannel.h"

#include "CovertProtocol.hpp"

/**
 * @class TCPUrgencyChannel
 *
 * A CovertChannel which hides data in the TCP urgency pointer
 *
 * @param PASSIVE true - server only reacts to incoming channel | false - server initiates channel
 */
template <bool PASSIVE> class TCPUrgencyChannel : public CovertChannel {
public:
	/**
	 * Sets up a CovertChannel.
	 *
	 * Creates a CovertChannel, sets the network interfaces for sniffing and sending and sets the filter.
	 *
	 * @param innerInterface name of the interface of the inner network
	 * @param outerInterface name of the interface of the outer network
	 * @param ownIP IP of this server
	 * @param targetIP IP of the target server
	 * @param targetPort Port of the target server
	 */
	TCPUrgencyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &targetIP,
	                  const std::string &targetPort)
	    : CovertChannel(innerInterface, outerInterface,
	                    "(not (tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") +
	                        " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
	                    "(not (tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") +
	                        " port " + targetPort + ")) and (not (dst host " + ownIP + "))",
	                    "tcp and " + std::string(PASSIVE ? "src" : "dst") + " host " + targetIP + " and " + std::string(PASSIVE ? "src" : "dst") + " port " +
	                        targetPort,
	                    "tcp and " + std::string(PASSIVE ? "dst" : "src") + " host " + targetIP + " and " + std::string(PASSIVE ? "dst" : "src") + " port " +
	                        targetPort) {}

	/**
	 * Destroys the CovertChannel.
	 */
	virtual ~TCPUrgencyChannel() {}

	/**
	 * Send a file over the covert channel.
	 *
	 * @param fileName name of the file in the file directory
	 * @return true - file will be sent | false - file was not accepted
	 */
	virtual bool sendFile(const std::string &fileName) {
		if constexpr (PASSIVE) {
			return false;
		} else {
			return protocol.sendFile(fileName);
		}
	}

protected:
	/**
	 * Handler for sniffed packets filterd to forward from the outer network.
	 *
	 * Handles incoming packets and forwards them.
	 *
	 * @param pdu sniffed packet
	 *
	 * @return false = stop loop | true = continue loop
	 */
	virtual bool handleChannelFromOuter(Tins::PDU &pdu) {
		Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();
		if constexpr (PASSIVE) {
			uint16_t data = tcp.urg_ptr();
			protocol.receive((uint8_t *)(&data));
			tcp.urg_ptr(0);
			innerSender.send(pdu);
		} else {
			// uint16_t urg = tcp.urg_ptr();
			// tcp.urg_ptr(0);
			innerSender.send(pdu);
		}
		return true;
	}

	/**
	 * Handler for sniffed packets filterd to forward from the inner network.
	 *
	 * Handles incoming packets and forwards them.
	 *
	 * @param pdu sniffed packet
	 *
	 * @return false = stop loop | true = continue loop
	 */
	virtual bool handleChannelFromInner(Tins::PDU &pdu) {
		Tins::TCP &tcp = pdu.rfind_pdu<Tins::TCP>();
		if constexpr (PASSIVE) {
			outerSender.send(pdu);
		} else {
			uint16_t data = 0;
			protocol.send((uint8_t *)(&data));
			tcp.urg_ptr(data);
			outerSender.send(pdu);
		}
		return true;
	}

	/**
	 * protocol used to transmit data
	 */
	CovertProtocol<2, PASSIVE> protocol;
};

#endif

TCPUrgencyChannel.hpp 3.5 KB History Raw

TCPUrgencyChannel.hpp 3.5 KB

History Raw