Exploit distribution to nodes

Issue #59 new
Kevin Hamacher repo owner created an issue

The RAF client should be able to establish a connection to the RAF without any task, so that it just registers itself as available node. Exploits can be submitted to the RAF itself, which then distributes it to one available node.

Some Ideas:

  • Make the connection permanent, so that error messages (exploit failed etc) can be sent back to the server
  • Nodes can run multiple exploits at once (depending on the load), necessary if we have only few nodes, otherwise the RAF would distribute it for 1 exploit/node
  • Nodes send RAF usage information, such as time needed for the exploit etc.
  • Create image for the netzlabor where the RAF client autostarts

Things that would be TODO:

  • Restructure the protocol. Currently, the setup-message consists of the service and exploitname and these values are then specific for this connection. This needs to be removed and an exploit-id field has to be submitted with each command (e.g. submit_flag).
  • Add protocol functionality for idle worker-nodes, transfering files(? - distribute it via sending an url?), sending back data, reporting errors etc.
  • Implement client/server logic

I don't think we need backward-compability (in this case we could use a second port for distributing exploits - not that decent), so I'd say we could create a milestone here and say this is 3.0 stable and then work on a dev-branch. So we won't have troubles with broken functionality on the next attack-defense CTFs ;)

Comments (1)

  1. Luca Ebach

    Some impressions from IRC:

    • extend protocol to have all data traffic going through a single port (clean but difficult) or open second port (easier but nasty)
    • exploit distribution via http //EDIT: Poco already provides some HttpServer, we just need to use it
  2. Log in to comment