cb-proxy

cb-proxy - CGC Network Appliance

SYNOPSIS

cb-proxy [options] --host HOST --port PORT

DESCRIPTION

cb-proxy is an asynchronous TCP proxy server that allows for traffic inspection, modification, and logging in the DECREE environment. Inspection is performed using a Snort-like domain-specific language.

ARGUMENTS

--host HOST
Specify the HOST to forward traffic to.
--port PORT
Specify the PORT on which to listen for incoming sessions and to which to connect on HOST.

OPTIONS

-h
Display a usage message and exit
--rules RULES
Specify a RULES file to use for traffic inspection
--negotiate
Ignore the DECREE negotiation content that is used during CFE for PRNG seed communication
--listen_host HOST
Only listen for traffic on the specified HOST address
--listen_port PORT
Optionally listen on a different port than the destination port
--outbound_host HOST
Specify the HOST address to use for outbound communication
--max_connections MAX_CONNECTIONS
Specify the maximum number of connections to process before exiting
--pcap_host HOST
Specify the HOST to which the network traffic is logged as it is sent to the destination
--pcap_port PORT
Specify the PORT to which the network traffic is logged as it is sent to the destination
--csid CSID
Specify a unique identifier for the logged network traffic
--buffer_size SIZE
Specify a maximum size for the inspection buffer sliding window

Traffic Logging

If the pcap_host option is provided, cb-proxy will send all traffic via UDP to the specified host.

A sample application cb-packet-log is provided that listens to the traffic and records it in PCAP format.

A sample Wireshark decoder, cgc.lua, can be used to inspect the pcaps generated by cb-packet-log.

EXAMPLE USES

cb-proxy --host cb --port 12345
This will create a proxy that forwards any communication between the client and server listening on port '12345' on the host 'cb'.
cb-proxy --host cb --port 12345 --rules ids.rules
This will create a proxy that inspects communication between the client and server listening on port '12345' on the host 'cb', using the rules specified in 'ids.rules'.

COPYRIGHT

Copyright (C) 2015, Brian Caswell

SEE ALSO

cb-server(1), cb-replay(1), cb-replay-pov(1), cb-packet-log(1)

For more information relating to DARPA's Cyber Grand Challenge, please visit http://www.darpa.mil/cybergrandchallenge/