CCats/daemon/src/CovertChannel/ProxyChannel.cpp

#include "../../include/CovertChannel/ProxyChannel.h"
#include <iostream>

ProxyChannel::ProxyChannel(const std::string &innerInterface, const std::string &outerInterface, const std::string &ownIP, const std::string &partnerIP,
                           const std::string &originIP, const std::string &targetIP, const std::string &targetPort, const std::string &ownMAC,
                           const std::string &originMAC, const std::string &channelGatewayMAC, const std::string &gatewayMAC, const bool relayOnly)
    : CovertChannel(innerInterface, outerInterface,
                    "(not (tcp and src host " + originIP + " and dst host " + targetIP + " and dst port " + targetPort + ")) and (not (dst host " + ownIP +
                        "))",
                    "(not (tcp and src host " + targetIP + " and dst host " + ownIP + " and src port " + targetPort + ")) and (not (dst host " + ownIP + "))",
                    "tcp and src host " + originIP + " and dst host " + targetIP + " and dst port " + targetPort,
                    "tcp and src host " + targetIP + " and dst host " + ownIP + " and src port " + targetPort,
                    "tcp and src host " + partnerIP + " and dst host " + ownIP + " and port " + targetPort),

      relayOnly(relayOnly), ownAddress(ownIP), partnerAddress(partnerIP), originAddress(originIP), targetAddress(targetIP), ownMAC(ownMAC),
      channelGatewayMAC(channelGatewayMAC), gatewayMAC(gatewayMAC), originMAC(originMAC) {}

ProxyChannel::~ProxyChannel() {}

bool ProxyChannel::handleChannelFromOuter(Tins::PDU &pdu) {
	// TODO: check in a list how to route it and who send the request for this answer

	Tins::EthernetII &eth = pdu.rfind_pdu<Tins::EthernetII>();
	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
	if (relayOnly) {
		// redirect to partner
		eth.src_addr(ownMAC);
		eth.dst_addr(channelGatewayMAC);
		ip.src_addr(ownAddress);
		ip.dst_addr(partnerAddress);
		outerSender.send(pdu);
	} else {
		// Just forward it
		// eth.src_addr(gatewayMAC);
		// eth.dst_addr(originMAC);
		// ip.src_addr(targetAddress);
		// ip.dst_addr(originAddress);
		innerSender.send(pdu);
		std::cout << "channel from outer" << std::endl;
	}
	return true;
}

bool ProxyChannel::handleChannelFromInner(Tins::PDU &pdu) {
	Tins::EthernetII &eth = pdu.rfind_pdu<Tins::EthernetII>();
	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
	if (relayOnly) {
		std::cerr << "Fixme: packet cannot be routed back so it's dropped here!!!" << std::endl;
		// outerSender.send(pdu);
		// TODO: add pdu to a list to check later how to route it
	} else {
		eth.src_addr(ownMAC);
		eth.dst_addr(channelGatewayMAC);
		ip.src_addr(ownAddress);
		ip.dst_addr(partnerAddress);
		outerSender.send(pdu);
		std::cout << "channel from inner" << std::endl;
	}
	return true;
}

bool ProxyChannel::handlePartnerFromOuter(Tins::PDU &pdu) {
	Tins::EthernetII &eth = pdu.rfind_pdu<Tins::EthernetII>();
	Tins::IP &ip = pdu.rfind_pdu<Tins::IP>();
	if (relayOnly) {
		// redirect to target
		eth.src_addr(ownMAC);
		eth.dst_addr(gatewayMAC);
		ip.src_addr(ownAddress);
		ip.dst_addr(targetAddress);
		outerSender.send(pdu);
		std::cout << "relay" << std::endl;
	} else {
		eth.src_addr(gatewayMAC);
		eth.dst_addr(originMAC);
		ip.src_addr(targetAddress);
		ip.dst_addr(originAddress);
		innerSender.send(pdu);
		std::cout << "partner" << std::endl;
	}
	return true;
}