diff --git a/Makefile.am b/Makefile.am index cca48f4..cec46f8 100644 --- a/Makefile.am +++ b/Makefile.am @@ -11,7 +11,7 @@ PROJECT_GIT_TIME:=$(shell git log --pretty=format:'%ci' -n 1 2>/dev/null || echo ACLOCAL_AMFLAGS = -I config-aux --install #please note that the 32 bit time is needed for consistency inside the mingw64 build -AM_CXXFLAGS = -g -Werror -Wall -Wextra -Wformat=2 -Weffc++ -fstack-protector-all -D_USE_32BIT_TIME_T +AM_CXXFLAGS = -g -O0 -Werror -Wall -Wextra -Wformat=2 -Weffc++ -fstack-protector-all -D_USE_32BIT_TIME_T AM_CPPFLAGS = -I. -I$(srcdir)/src -D_FORTIFY_SOURCE=2 $(lib_CPPFLAGS) $(ws32_CFLAGS) \ diff --git a/modus_operandi/client-local-mitm.conf b/modus_operandi/client-local-mitm.conf index 14d3338..9bee719 100644 --- a/modus_operandi/client-local-mitm.conf +++ b/modus_operandi/client-local-mitm.conf @@ -58,6 +58,12 @@ shared-secret bingoBedbug disable-encryption 0 disable-retransmit 0 +traces-dir ./traces/ +#images-dir ./traces/images/usenix-corpus/1953x1301/q30-squashed +images-dir ./traces/images/usenix-corpus/1953x1301/q30 +pdfs-dir ./traces/pdfs +stream-dir ./traces/images/stream + #################################### # process options #################################### diff --git a/modus_operandi/start-server-local b/modus_operandi/start-server-local index 8b49e6f..f54dd4e 100755 --- a/modus_operandi/start-server-local +++ b/modus_operandi/start-server-local @@ -12,7 +12,7 @@ SERVER="./stegotorus --config-file=${CONFIG}" if [ -n "$VALGRIND" ] then -valgrind --leak-check=yes --db-attach=yes --db-command="/usr/bin/gdb %f %p" --dsymutil=yes --trace-children=no ${SERVER} 2>&1 | tee +valgrind --leak-check=yes --db-attach=yes --db-command="/usr/bin/gdb %f %p" --track-origins=yes --dsymutil=yes --trace-children=no ${SERVER} 2>&1 | tee else ${SERVER} 2>&1 | tee fi diff --git a/run_mitm b/run_mitm index fd9a2e0..147e98c 100755 --- a/run_mitm +++ b/run_mitm 
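Review bot: Adding `-O0` to `AM_CXXFLAGS` in Makefile.am switches off the `_FORTIFY_SOURCE=2` hardening that `AM_CPPFLAGS` requests on the next line, because glibc only enables the fortified wrappers when the compiler is optimizing. On glibc versions that emit a warning for this combination, `-Werror` would likely turn it into a build failure. If the goal is a debugger-friendly build, `-Og` keeps fortify active, or the flag can be left to whoever builds (`make CXXFLAGS='-g -O0'`) instead of being the project default. If it stays, a comment beside it should say so: `# -O0 is for debugging only; it disables _FORTIFY_SOURCE`.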
@@ -1 +1 @@ -mitmdump -R http://127.0.0.1:8081 -s scripts/jpeg_quality.py +mitmdump -P http://127.0.0.1:8081 -s scripts/jpeg_quality.py diff --git a/src/modus_operandi.cc b/src/modus_operandi.cc index 0e04fbb..95a5c53 100644 --- a/src/modus_operandi.cc +++ b/src/modus_operandi.cc @@ -24,6 +24,9 @@ using std::ifstream; * */ +//a secret for those that don't set their secret +#define STEGOTORUS_DEFAULT_SECRET "yadayadablahblah" + down_address_t::down_address_t() : ok(false), ip(), steg() @@ -52,7 +55,7 @@ void down_address_t::parse(string line) modus_operandi_t::modus_operandi_t() : _is_ok(false), _protocol(), _mode(), _up_address(), _down_addresses(), - _trace_packets(false), _persist_mode(false), _shared_secret(), + _trace_packets(false), _persist_mode(false), _shared_secret(STEGOTORUS_DEFAULT_SECRET), _disable_encryption(false), _disable_retransmit(false), _managed(false), _managed_method("stegotorus"), _daemon(false), _logmethod_set(false), _pid_file(), diff --git a/src/protocol/chop_circuit.cc b/src/protocol/chop_circuit.cc index 2a04221..a5dfe5d 100644 --- a/src/protocol/chop_circuit.cc +++ b/src/protocol/chop_circuit.cc @@ -440,7 +440,9 @@ chop_circuit_t::find_best_to_retransmit(chop_conn_t *conn, evbuffer* block) { int chop_circuit_t::send_targeted(chop_conn_t *conn) { - size_t avail = evbuffer_get_length(bufferevent_get_input(up_buffer)); + + struct evbuffer * ptr = bufferevent_get_input(up_buffer); + size_t avail = evbuffer_get_length(ptr); if (!(upstream_eof && !sent_fin) && config->retransmit) { diff --git a/src/steg/http.cc b/src/steg/http.cc index 308b555..090608f 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -36,6 +36,7 @@ http_steg_config_t::http_steg_config_t(config_t *cfg) assert(mop != NULL); post_reflection = mop->post_reflection(); + shared_secret = mop->shared_secret().c_str(); traces_dir = cfg->mop->get_steg_datadir(StegData::TRACES); images_dir = cfg->mop->get_steg_datadir(StegData::IMAGES); 
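Review bot: In src/modus_operandi.cc the constructor now initializes `_shared_secret` with `STEGOTORUS_DEFAULT_SECRET`, so a configuration that omits `shared-secret` silently runs on a value published in the source tree, and later code can no longer tell "unset" from "set". The first hunk of this file, which adds the `#define`, belongs to the same problem. I would keep the member empty by default, `_persist_mode(false), _shared_secret(),`, and have config validation refuse to start (or at least `log_warn`) when no secret was supplied; where that validation lives is outside these hunks. If the fallback must stay for local test setups, the comment above the define should say that: `// test-only fallback; a deployment must set shared-secret`.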
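Review bot: In src/steg/http.cc, `shared_secret = mop->shared_secret().c_str();` stores a pointer into a `std::string` that this object does not own. The accessor's declaration is not visible here: if it returns the string by value the pointer dangles as soon as the statement ends, and if it returns a reference the pointer is still invalidated when the modus operandi object is destroyed or its secret is reassigned. The later hunks that drop `free(this->shared_secret)` and change the member to `const char*` in src/steg/http.h rest on the same assumption. Holding a copy removes the lifetime question: declare the member as `std::string shared_secret;`, assign `shared_secret = mop->shared_secret();`, and pass `shared_secret.c_str()` where a C string is needed.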
@@ -51,13 +52,14 @@ http_steg_config_t::http_steg_config_t(config_t *cfg) } zero_payloads(pl); + /* if(cfg->shared_secret){ this->shared_secret = xstrdup(cfg->shared_secret); } if(!this->shared_secret){ this->shared_secret = xstrdup(STEGOTORUS_DEFAULT_SECRET); } - + */ //log_warn("shared_secret = %s", this->shared_secret); if (is_clientside) { @@ -78,7 +80,7 @@ http_steg_config_t::http_steg_config_t(config_t *cfg) http_steg_config_t::~http_steg_config_t() { free_payloads(this->pl); - free(this->shared_secret); + //free(this->shared_secret); } steg_t * diff --git a/src/steg/http.h b/src/steg/http.h index 32c8f81..43cbc06 100644 --- a/src/steg/http.h +++ b/src/steg/http.h @@ -16,15 +16,13 @@ #include -//a secret for those that don't set their secret -#define STEGOTORUS_DEFAULT_SECRET "yadayadablahblah" class http_steg_config_t : public steg_config_t { public: bool is_clientside : 1; payloads pl; - char* shared_secret; + const char* shared_secret; modus_operandi_t* mop; /* diff --git a/src/steg/images.cc b/src/steg/images.cc index a1804da..fb07aef 100644 --- a/src/steg/images.cc +++ b/src/steg/images.cc @@ -342,6 +342,10 @@ image_p embed_message_in_image(image_p cover, unsigned char* message, int messag log_warn("embed_message_in_image: stegged image size = %" PriSize_t, retval->size); } + if(retval == NULL){ + log_warn("embed_message_in_image: FAILED culprit = %s", cover->path); + } + return retval; } diff --git a/src/steg/jpegSteg.cc b/src/steg/jpegSteg.cc index 942fd8a..25a75c2 100644 --- a/src/steg/jpegSteg.cc +++ b/src/steg/jpegSteg.cc 
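Review bot: The second and third hunks of src/steg/http.cc disable the old fallback and the `free()` by commenting them out (`/* if(cfg->shared_secret){ ... } */` and `//free(this->shared_secret);`) rather than deleting them. The commented block still describes `xstrdup` ownership and `STEGOTORUS_DEFAULT_SECRET`, neither of which matches how the member is filled now, so a later reader could re-enable it and end up freeing memory the object does not own. I would delete both, together with the commented `//log_warn("shared_secret = %s", ...)` line, and leave one line in the destructor instead: `// shared_secret is borrowed from mop; do not free`.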
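Review bot: The new failure branch in src/steg/images.cc passes `cover->path` to a `%s` format without checking it, on the one path where the inputs are most likely to be unusable. Whether `cover` or `cover->path` can be NULL here cannot be told from the hunk, since the body of `embed_message_in_image` starts above it; if either can, the log call itself becomes the crash. A guarded form costs nothing: `log_warn("embed_message_in_image: FAILED culprit = %s", (cover && cover->path) ? cover->path : "(unknown)");`.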
@@ -65,19 +65,19 @@ static size_t deconstruct_jpeg_body(unsigned char *body, unsigned int body_length, unsigned char** datap, int message_length); static char* -construct_jpeg_cookie(int message_length, char *secret); +construct_jpeg_cookie(int message_length, const char *secret); static int -deconstruct_jpeg_cookie(char *cookie, char *secret); +deconstruct_jpeg_cookie(char *cookie, const char *secret); static char* -construct_jpeg_cookie_aux(int message_length, char *secret, size_t *clenp); +construct_jpeg_cookie_aux(int message_length, const char *secret, size_t *clenp); static int -deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, char *secret); +deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, const char *secret); char* -construct_jpeg_cookie(int message_length, char *secret) +construct_jpeg_cookie(int message_length, const char *secret) { size_t cookie_length = 0; char* cookie = construct_jpeg_cookie_aux(message_length, secret, &cookie_length); @@ -94,7 +94,7 @@ construct_jpeg_cookie(int message_length, char *secret) } int -deconstruct_jpeg_cookie(char *cookie, char *secret) +deconstruct_jpeg_cookie(char *cookie, const char *secret) { size_t cookie_length = strlen(cookie); int message_length = deconstruct_jpeg_cookie_aux(cookie, cookie_length, secret); @@ -116,7 +116,7 @@ deconstruct_jpeg_cookie(char *cookie, char *secret) char* -construct_jpeg_cookie_aux(int message_length, char * secret, size_t *clenp) +construct_jpeg_cookie_aux(int message_length, const char * secret, size_t *clenp) { char *cookie = NULL; size_t data_length = 0; @@ -142,7 +142,7 @@ construct_jpeg_cookie_aux(int message_length, char * secret, size_t *clenp) } int -deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, char *secret) +deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, const char *secret) { uchar* data = (uchar*)xmalloc(2*cookie_length); size_t ptext_length = 0; 
@@ -228,7 +228,7 @@ deconstruct_jpeg_body(unsigned char *body, unsigned int body_length, unsigned ch transmit_t http_server_JPEG_transmit (http_steg_t * s, struct evbuffer *source){ image_pool_p pool = s->config->pl.pool; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; transmit_t retval = NOT_TRANSMITTED; conn_t *conn = s->conn; char *headers = NULL, *cookie = NULL; @@ -312,7 +312,7 @@ http_server_JPEG_transmit (http_steg_t * s, struct evbuffer *source){ recv_t http_client_JPEG_receive(http_steg_t * s, struct evbuffer *dest, char* headers, int headers_length, char* response, int response_length) { - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; recv_t retval = RECV_BAD; unsigned int data_length = 0, body_length = 0; unsigned char *data = NULL, *body = NULL; @@ -352,7 +352,7 @@ http_client_JPEG_post_transmit (http_steg_t *s, struct evbuffer *source, conn_t unsigned int headers_length = 0; unsigned char *data = NULL, *body = NULL; char *path = NULL, *headers = NULL, *cookie = NULL; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; size_t body_length = 0, data_length; int emessage_length = 0; @@ -430,7 +430,7 @@ http_server_JPEG_post_receive(http_steg_t * s, struct evbuffer *dest, char* head /* JPEG POST MODE */ unsigned char *data = NULL, *body = NULL; unsigned int data_length = 0, body_length = 0; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; char *cookie = NULL; size_t cookie_length; int message_length = 0; diff --git a/src/steg/jsonSteg.cc b/src/steg/jsonSteg.cc index ad4f1f6..c9eec55 100644 --- a/src/steg/jsonSteg.cc +++ b/src/steg/jsonSteg.cc 
@@ -79,16 +79,16 @@ static char* construct_json_format(int method, size_t payload); static char* -construct_json_cookie(char *format, size_t format_length, char *secret); +construct_json_cookie(char *format, size_t format_length, const char *secret); static char* -deconstruct_json_cookie(char *cookie, char *secret); +deconstruct_json_cookie(char *cookie, const char *secret); static char* -construct_json_cookie_aux(char *format, size_t format_length, char *secret, size_t *clenp); +construct_json_cookie_aux(char *format, size_t format_length, const char *secret, size_t *clenp); static char* -deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, char *secret, size_t *flenp); +deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, const char *secret, size_t *flenp); static size_t construct_json_body_unzipped(char* format, size_t format_length, char* data, size_t datalen, char**bodyp); @@ -136,7 +136,7 @@ get_placeholder_count(const char *format, size_t format_length) } char* -construct_json_cookie(char *format, size_t format_length, char *secret) +construct_json_cookie(char *format, size_t format_length, const char *secret) { size_t cookie_length = 0; char* cookie = construct_json_cookie_aux(format, format_length, secret, &cookie_length); @@ -154,7 +154,7 @@ construct_json_cookie(char *format, size_t format_length, char *secret) } char* -deconstruct_json_cookie(char *cookie, char *secret) +deconstruct_json_cookie(char *cookie, const char *secret) { size_t format_length = 0, cookie_length = strlen(cookie); char* format = deconstruct_json_cookie_aux(cookie, cookie_length, secret, &format_length); @@ -175,7 +175,7 @@ deconstruct_json_cookie(char *cookie, char *secret) char* -construct_json_cookie_aux(char *format, size_t format_length, char * secret, size_t *clenp) +construct_json_cookie_aux(char *format, size_t format_length, const char * secret, size_t *clenp) { char *cookie = NULL; size_t data_length = 0; 
@@ -193,7 +193,7 @@ construct_json_cookie_aux(char *format, size_t format_length, char * secret, siz } char* -deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, char * secret, size_t *flenp) +deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, const char * secret, size_t *flenp) { uchar* data = (uchar*)xmalloc(2*cookie_length); size_t ptext_length = 0; @@ -660,7 +660,7 @@ transmit_t http_server_JSON_transmit (http_steg_t * s, struct evbuffer *source) { transmit_t retval = TRANSMIT_GOOD; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; conn_t *conn = s->conn; char* data = NULL, *body = NULL, *format = NULL, *cookie = NULL, *headers = NULL; size_t format_length; @@ -750,7 +750,7 @@ http_server_JSON_transmit (http_steg_t * s, struct evbuffer *source) recv_t http_client_JSON_receive (http_steg_t * s, struct evbuffer *dest, char* headers, size_t headers_length, char* response, size_t response_length) { - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; recv_t retval = RECV_BAD; size_t data_length = 0; char *body = NULL, *data = NULL, *format = NULL, *cookie = NULL; @@ -803,7 +803,7 @@ http_client_JSON_post_transmit (http_steg_t *s, struct evbuffer *source, conn_t unsigned int body_length = 0, headers_length = 0; char *data = NULL, *body = NULL, *path = NULL, *format = NULL, *cookie = NULL, *headers = NULL; size_t datalen; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; size_t format_length = 0; //posts shouldn't be gzipped, since the client can't know that the server supports it. 
@@ -893,7 +893,7 @@ http_server_JSON_post_receive(http_steg_t * s, struct evbuffer *dest, char* head char *data = NULL, *body = NULL, *format = NULL, *cookie = NULL; size_t data_length = 0; size_t cookie_length = 0, format_length = 0; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; /* posts shouldn't be gzipped, since the client can't know in advance that the server supports it. */ bool json_zipping = false; diff --git a/src/steg/pdfSteg.cc b/src/steg/pdfSteg.cc index ea9f76d..06fe4a8 100644 --- a/src/steg/pdfSteg.cc +++ b/src/steg/pdfSteg.cc @@ -603,7 +603,7 @@ http_server_PDF_transmit (http_steg_t * s, struct evbuffer *source) { recv_t http_client_PDF_receive (http_steg_t * s, struct evbuffer *dest, char* headers, size_t headers_length, char* response, size_t response_length) { - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; recv_t retval = RECV_BAD; size_t data_length = 0, body_length = 0; unsigned char *data = NULL, *body = NULL; @@ -868,7 +868,7 @@ http_server_PDF_post_receive (http_steg_t * s, struct evbuffer *dest, char* head unsigned char *data = NULL, *body = NULL; size_t data_length = 0; size_t body_length = 0; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; /* the draconian flags we got going here... */ log_debug("http_server_PDF_post_receive: request_length=%" PriSize_t " %s %p", request_length, secret, headers); diff --git a/src/steg/rawSteg.cc b/src/steg/rawSteg.cc index 9c376cf..b88ffac 100644 --- a/src/steg/rawSteg.cc +++ b/src/steg/rawSteg.cc @@ -15,7 +15,7 @@ static size_t construct_raw_headers(int method, const char* path, const char* ho transmit_t http_server_RAW_transmit (http_steg_t * s, struct evbuffer *source){ - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; transmit_t retval = NOT_TRANSMITTED; conn_t *conn = s->conn; char* headers = NULL; 
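Review bot: In `http_server_PDF_post_receive` (src/steg/pdfSteg.cc) the retyped `secret` is visible in this hunk only as an argument to the `log_debug(... " %s %p", request_length, secret, headers)` call that follows, which writes the shared secret into the debug log. The same happens in src/steg/rawSteg.cc, in `http_client_RAW_post_transmit` (`log_debug("secret = %s", secret);`) and in `http_server_RAW_post_receive`. The adjacent comments suggest these calls exist mainly to keep the compiler quiet about unused variables under the strict warning flags, so the value does not need to be printed at all. Either drop the local where it is otherwise unused, or write `(void)secret;` and remove `secret` from the format arguments; the function bodies continue outside these hunks, so other uses should be checked first.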
@@ -79,7 +79,7 @@ http_server_RAW_transmit (http_steg_t * s, struct evbuffer *source){ recv_t http_client_RAW_receive (http_steg_t * s, struct evbuffer *dest, char* headers, size_t headers_length, char* response, size_t response_length) { - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; recv_t retval = RECV_BAD; size_t data_length = 0; char *data = NULL; @@ -104,7 +104,7 @@ http_client_RAW_post_transmit (http_steg_t *s, struct evbuffer *source, conn_t * unsigned char *data = NULL; size_t data_length = 0; int addcode; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; log_debug("secret = %s", secret); @@ -173,7 +173,7 @@ http_server_RAW_post_receive(http_steg_t * s, struct evbuffer *dest, char* heade /* RAW POST MODE */ size_t data_length = 0; uchar* data; - char *secret = s->config->shared_secret; + const char *secret = s->config->shared_secret; log_debug("http_server_RAW_post_receive: request_length = %" PriSize_t " secret = %s", request_length, secret); //sigh: to keep the compiler happy with the draconian flags we got going here...