API tools faq
paste
Advertisement
xGHOSTSECx

NetworkTemplate.cpp

xGHOSTSECx
Dec 29th, 2023
829
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 5.82 KB | None | 0 0
raw download clone embed print report
  1. #include <iostream>
  2. #include <string>
  3. #include <vector>
  4. #include <unordered_set>
  5. #include <openssl/ssl.h>
  6. #include <openssl/err.h>
  7. #include <openssl/aes.h>
  8. #include <openssl/rand.h>
  9. #include <winsock2.h>
  10.  
  11. #pragma comment(lib, "ws2_32.lib")
  12. #pragma comment(lib, "libssl.lib")
  13. #pragma comment(lib, "libcrypto.lib")
  14.  
  15. constexpr int SERVER_PORT = 443;
  16. constexpr int MAX_CLIENTS = 10;
  17. constexpr int AES_KEY_SIZE = 32;  // 256 bits (AES-256)
  18.  
  19. std::unordered_set<std::string> allowedIPs = {"127.0.0.1"};
  20.  
  21. SSL_CTX* InitializeSSLContext() {
  22.     SSL_library_init();
  23.     SSL_load_error_strings();
  24.     OpenSSL_add_all_algorithms();
  25.  
  26.     SSL_CTX* ctx = SSL_CTX_new(TLS_server_method());
  27.     if (!ctx) {
  28.         std::cerr << "Failed to create SSL context." << std::endl;
  29.         ERR_print_errors_fp(stderr);
  30.         return nullptr;
  31.     }
  32.  
  33.     if (SSL_CTX_use_certificate_file(ctx, "server.crt", SSL_FILETYPE_PEM) <= 0 ||
  34.         SSL_CTX_use_PrivateKey_file(ctx, "server.key", SSL_FILETYPE_PEM) <= 0) {
  35.         std::cerr << "Error loading certificates or private key." << std::endl;
  36.         ERR_print_errors_fp(stderr);
  37.         SSL_CTX_free(ctx);
  38.         return nullptr;
  39.     }
  40.  
  41.     return ctx;
  42. }
  43.  
  44. bool IsIPAllowed(const std::string& clientIP) {
  45.     return allowedIPs.find(clientIP) != allowedIPs.end();
  46. }
  47.  
  48. std::string GetClientIP(const sockaddr_in& clientAddress) {
  49.     char ipBuffer[INET_ADDRSTRLEN];
  50.     inet_ntop(AF_INET, &(clientAddress.sin_addr), ipBuffer, INET_ADDRSTRLEN);
  51.     return ipBuffer;
  52. }
  53.  
  54. void HandleHTTPRequest(const std::string& httpRequest, SSL* ssl) {
  55.     // Implement your HTTP request handling logic here
  56.     // Example: Parse httpRequest, generate responses, and send them using SSL_write
  57.     // ...
  58.  
  59.     // Sample response to be sent back
  60.     std::string httpResponse = "HTTP/1.1 200 OK\r\n"
  61.                                 "Content-Type: text/html\r\n"
  62.                                 "\r\n"
  63.                                 "<html><body><h1>Hello, World!</h1></body></html>";
  64.  
  65.     // Encrypt the response using AES-256
  66.     unsigned char aesKey[AES_KEY_SIZE];
  67.     unsigned char iv[AES_BLOCK_SIZE];
  68.     if (RAND_bytes(aesKey, AES_KEY_SIZE) != 1 || RAND_bytes(iv, AES_BLOCK_SIZE) != 1) {
  69.         std::cerr << "Failed to generate AES keys." << std::endl;
  70.         return;
  71.     }
  72.  
  73.     AES_KEY encKey;
  74.     if (AES_set_encrypt_key(aesKey, AES_KEY_SIZE * 8, &encKey) != 0) {
  75.         std::cerr << "Failed to set AES encryption key." << std::endl;
  76.         return;
  77.     }
  78.  
  79.     unsigned char encryptedData[4096];
  80.     int encryptedDataLength = 0;
  81.  
  82.     AES_cbc_encrypt(reinterpret_cast<const unsigned char*>(httpResponse.c_str()), encryptedData,
  83.                     httpResponse.length(), &encKey, iv, AES_ENCRYPT);
  84.     encryptedDataLength = httpResponse.length();
  85.  
  86.     // Send the encrypted response
  87.     SSL_write(ssl, encryptedData, encryptedDataLength);
  88. }
  89.  
  90. int main() {
  91.     WSADATA wsaData;
  92.     if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
  93.         std::cerr << "Failed to initialize Winsock." << std::endl;
  94.         return 1;
  95.     }
  96.  
  97.     SOCKET listenSocket = socket(AF_INET, SOCK_STREAM, 0);
  98.     if (listenSocket == INVALID_SOCKET) {
  99.         std::cerr << "Failed to create socket." << std::endl;
  100.         WSACleanup();
  101.         return 1;
  102.     }
  103.  
  104.     sockaddr_in serverAddress;
  105.     serverAddress.sin_family = AF_INET;
  106.     serverAddress.sin_addr.s_addr = INADDR_ANY;
  107.     serverAddress.sin_port = htons(SERVER_PORT);
  108.  
  109.     if (bind(listenSocket, reinterpret_cast<sockaddr*>(&serverAddress), sizeof(serverAddress)) == SOCKET_ERROR) {
  110.         std::cerr << "Failed to bind socket." << std::endl;
  111.         closesocket(listenSocket);
  112.         WSACleanup();
  113.         return 1;
  114.     }
  115.  
  116.     if (listen(listenSocket, MAX_CLIENTS) == SOCKET_ERROR) {
  117.         std::cerr << "Listen failed." << std::endl;
  118.         closesocket(listenSocket);
  119.         WSACleanup();
  120.         return 1;
  121.     }
  122.  
  123.     SSL_CTX* sslContext = InitializeSSLContext();
  124.     if (!sslContext) {
  125.         closesocket(listenSocket);
  126.         WSACleanup();
  127.         return 1;
  128.     }
  129.  
  130.     while (true) {
  131.         SOCKET clientSocket = accept(listenSocket, nullptr, nullptr);
  132.         if (clientSocket == INVALID_SOCKET) {
  133.             std::cerr << "Accept failed." << std::endl;
  134.             continue;
  135.         }
  136.  
  137.         std::string clientIP = GetClientIP(clientAddress);
  138.         if (!IsIPAllowed(clientIP)) {
  139.             std::cerr << "Unauthorized access attempt from IP: " << clientIP << std::endl;
  140.             closesocket(clientSocket);
  141.             continue;
  142.         }
  143.  
  144.         SSL* ssl = SSL_new(sslContext);
  145.         if (!ssl) {
  146.             std::cerr << "Failed to create SSL object." << std::endl;
  147.             closesocket(clientSocket);
  148.             continue;
  149.         }
  150.  
  151.         if (SSL_set_fd(ssl, clientSocket) <= 0) {
  152.             std::cerr << "Failed to set SSL file descriptor." << std::endl;
  153.             SSL_free(ssl);
  154.             closesocket(clientSocket);
  155.             continue;
  156.         }
  157.  
  158.         if (SSL_accept(ssl) <= 0) {
  159.             std::cerr << "SSL handshake error." << std::endl;
  160.             ERR_print_errors_fp(stderr);
  161.             SSL_free(ssl);
  162.             closesocket(clientSocket);
  163.             continue;
  164.         }
  165.  
  166.         char buffer[4096];
  167.         int bytesRead = SSL_read(ssl, buffer, sizeof(buffer));
  168.         if (bytesRead > 0) {
  169.             buffer[bytesRead] = '\0';
  170.             std::string request(buffer);
  171.             // Determine the type of request (HTTP, Promiscuous, DNS Tunneling) and handle accordingly
  172.             if (request.find("HTTP") == 0) {
  173.                 HandleHTTPRequest(request, ssl);
  174.             }
  175.         }
  176.  
  177.         SSL_shutdown(ssl);
  178.         SSL_free(ssl);
  179.         closesocket(clientSocket);
  180.     }
  181.  
  182.     SSL_CTX_free(sslContext);
  183.     closesocket(listenSocket);
  184.     WSACleanup();
  185.     return 0;
  186. }
  187.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!