modular-worm/doc/network_protocol.html
2017-08-22 15:52:06 +01:00

<h1 id="network-protocol">Network protocol</h1>
<p>The network protocol is managed by a plugin, which means we can switch between several protocols by switching between plugins. This allows us to have both a centralized and a decentralized worm. Our first implementation will be the decentralized one. Here are the specs:</p>
<p>Since there is no central node, each packet will be sent over UDP (stealthier, and there is no need to maintain a lot of connections).</p>
<p>However, we have to add a way to verify that a packet has been received. If it has not, the remote host may be offline, so the packet's transmission failure has to be reported back. (We might try to re-send it several times, depending on the message priority, before assuming the host is offline.)</p>
<p>A node will not know all the other nodes; the number of nodes it knows is limited to a certain amount. So there will be a forwarding system, which is managed only by the plugin.</p>
<h3 id="packet-content-msg">Packet content (MSG)</h3>
<pre><code>magic_number: 32 bits
packet_id: 32 bits
TTL: 8 bits
destination_host: 32 bits (random id)
destination_plugin: 32 bits
body_length: 16 bits
body: 65000 bytes</code></pre>
<ul>
<li><code>body_length</code> is at most 65000 because the maximum size of a UDP datagram is limited to 65KiB. It is a limitation of UDP, which might fragment packets over 65KB (less the IP header length, the UDP header length and this header's length).</li>
<li><code>destination_host</code> is a random id assigned to each instance of the worm. Each instance will associate IDs with the hosts it knows (IP, port).</li>
<li><code>destination_plugin</code> is the identifier of the packet (id, version, ...)</li>
</ul>
<h3 id="response-packet-ack">Response packet (ACK)</h3>
<pre><code>magic_number: 32 bits
packet_id: 32 bits</code></pre>
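<p>From the detection side, the two layouts above give a structural signature: a UDP payload whose 16-bit <code>body_length</code> matches the bytes following a 19-byte header, answered by an 8-byte payload echoing its first two fields. The following is an added example for analysing captured traffic, not code from this project; it assumes big-endian, unpadded fields, a body of exactly <code>body_length</code> bytes and the same <code>magic_number</code> in MSG and ACK, none of which the page states, and the magic value and addresses are constructed placeholders.</p>

```python
import struct
from typing import NamedTuple, Optional

# Assumptions (not stated on the page): fields are packed in the listed order,
# big-endian, without padding; the body occupies exactly body_length bytes.
MSG_HEADER = struct.Struct("!IIBIIH")  # magic, packet_id, TTL, host, plugin, body_length
ACK = struct.Struct("!II")             # magic, packet_id
MAX_BODY = 65000                       # body limit given in the spec

class Msg(NamedTuple):
    magic_number: int
    packet_id: int
    ttl: int
    destination_host: int
    destination_plugin: int
    body_length: int

def parse_msg(payload: bytes) -> Optional[Msg]:
    """Return the header if the payload is structurally a MSG, else None."""
    if len(payload) < MSG_HEADER.size:
        return None
    msg = Msg(*MSG_HEADER.unpack_from(payload))
    if msg.body_length > MAX_BODY or msg.body_length != len(payload) - MSG_HEADER.size:
        return None
    return msg

def find_msg_ack_pairs(datagrams):
    """datagrams: iterable of (src, dst, payload), src/dst being (ip, port).
    Returns (msg_src, msg_dst, magic_number, packet_id) per MSG-shaped datagram
    answered in the reverse direction by an 8-byte echo of its first two fields."""
    pending, hits = set(), []
    for src, dst, payload in datagrams:
        if len(payload) == ACK.size:
            key = (dst, src) + ACK.unpack(payload)
            if key in pending:
                pending.discard(key)
                hits.append(key)
        elif (msg := parse_msg(payload)) is not None:
            pending.add((src, dst, msg.magic_number, msg.packet_id))
    return hits

# Constructed sample capture; the magic value is a placeholder, the page gives none.
A, B, C = ("10.0.0.5", 40000), ("10.0.0.9", 40001), ("10.0.0.7", 53)
MAGIC = 0xA1B2C3D4
SAMPLE = [
    (A, B, MSG_HEADER.pack(MAGIC, 7, 3, 0x1111, 0x2222, 5) + b"hello"),
    (A, C, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www\x00\x00\x01\x00\x01"),  # unrelated query
    (B, A, ACK.pack(MAGIC, 7)),   # echoes the MSG above
    (C, A, ACK.pack(MAGIC, 8)),   # 8 bytes, but answers no MSG
]
```

<p>The length check alone will match some unrelated traffic by chance, so the pairing with the 8-byte echo is what makes the signal usable.</p>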
<h3 id="api">API</h3>
<ul>
<li><code>feature</code>: 8 bits
<ul>
<li>0x00: send message</li>
<li>0x01: add new host</li>
<li>0x02: list hosts</li>
</ul></li>
<li><code>params</code>: union:
<ul>
<li><code>message</code>:
<ul>
<li><code>ttl</code>: 8 bits</li>
<li><code>host_id</code>: 32 bits</li>
<li><code>plugin_id</code>: 16 bits</li>
<li><code>body_length</code>: 16 bits</li>
<li><code>body</code>: void*</li>
</ul></li>
<li><code>new_host</code>:
<ul>
<li><code>ip</code>: union
<ul>
<li><code>ipv4</code>: 32 bits</li>
<li><code>ipv6</code>: 128 bits</li>
</ul></li>
<li><code>port</code>: 16 bits</li>
</ul></li>
</ul></li>
</ul>