From 1fb630b7df7d65c436f7486266671f9eb942067c Mon Sep 17 00:00:00 2001 From: David Timber Date: Sat, 5 Nov 2022 19:19:30 +0800 Subject: Doc and source comment spelling check --- .vscode/settings.json | 27 +++++++++- doc/dev_notes.md | 18 +++---- doc/fmts.md | 2 +- doc/htbt.md | 140 +++++++++++++++++++++++++------------------------- doc/impl.md | 2 +- doc/sws.md | 28 +++++----- src/bne.h | 2 +- src/htbt.c | 2 +- src/resolv.h | 2 +- 9 files changed, 125 insertions(+), 98 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index b1804d4..7653e40 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -25,5 +25,30 @@ "doxdocgen.generic.commandSuggestionAddPrefix": true, "doxdocgen.generic.dateTemplate": "\\date {date}", "doxdocgen.generic.paramTemplate": "\\param {param} ", - "doxdocgen.generic.returnTemplate": "\\return {type} " + "doxdocgen.generic.returnTemplate": "\\return {type} ", + "cSpell.words": [ + "ALPN", + "bitfield", + "Buildroot", + "cmdline", + "DTLS", + "dvault", + "errno", + "Heartbeart", + "Hostinfo", + "hostinfod", + "htbt", + "MALLOC", + "Mbed", + "NYBIN", + "POSIX", + "Proone", + "resolv", + "struct" + ], + "cSpell.language": "en,en-GB", + "cSpell.enableFiletypes": [ + "md", + "puml" + ] } diff --git a/doc/dev_notes.md b/doc/dev_notes.md index 544606a..c314ff4 100644 --- a/doc/dev_notes.md +++ b/doc/dev_notes.md @@ -34,7 +34,7 @@ limited because in the worst case(or best?) scenario, the instance can spawn a large number of bne workers. Although there's no doubt that a regular PC is capable of running 100 or more bne workers. -The original idea was to implement both cooperative and preemtive threading +The original idea was to implement both cooperative and preemptive threading using C macros. You'll find some condition variables and locks for this purpose in the resolv implementation. This idea was abandoned. Should you have to switch to real threads, expect some race condition related bugs. 
@@ -42,7 +42,7 @@ to real threads, expect some race condition related bugs. ### Put Mbed TLS on Diet The build is not light because the Mbed TLS library is extensive. Proone is tested using default Mbed TLS config included in Buildroot, but size reduction -may be achieved by disabling unnessary features. +may be achieved by disabling unnecessary features. * Threading * DTLS @@ -55,12 +55,12 @@ code size. Proone does not expect user's intervention. Proone is programmed to exit when SIGINT is received for debugging purposes only. You can also see some code size reduction from removing the handling of the signal as well. -### Using SSH Subchannel for Transfering Binary Data +### Using SSH Subchannel for Transferring Binary Data Data transfer over a SSH session can be optimised by using a separate SSH channel for data transfer. The current implementation uses the data transfer method using commands available on the host such as echo and base64. This method is slow and expensive, even for regular PCs, but it's the only feasible method -of transfering binary data over telnet connections. +of transferring binary data over telnet connections. On a SSH connection, however, multiple channels can be created. Once the availability of the commands are checked, a separate channel can be opened for 
@@ -75,8 +75,8 @@ gzip -c file | ssh user@host "gzip -cd > file" ## Ideas ### "Organic" Cred Dict Rather than relying on the cred dict, program instances to try a few randomly -generated comboes before trying cred dict. If the instance gets a working random -combo, save it on memory. During the htbt m2m, exchange the saved random comboes +generated combos before trying cred dict. If the instance gets a working random +combo, save it on memory. During the htbt m2m, exchange the saved random combos to see if there's any common combo found by both parties. If there is, add that combo to the cred dict with the lowest weight value. If the combo already exists in the cred dict, increment the weight value. @@ -128,7 +128,7 @@ negative fd values are transparently filtered out before passed to `pth_poll()`. ## Problems ### Evading Packet Sniffing Lawful interception is conducted in most countries. Law enforcements often use -the characteristics exhibited by malwares to prevent the spread by filtering +the characteristics exhibited by malware to prevent the spread by filtering traffic. These are the "characteristics" of Proone. * SYN packets to remote port 64420[^2] 
@@ -158,13 +158,13 @@ torn down, but the new image could not be completely built. In such cases, the kernel kills the process with a SIGSEGV (SIGKILL until Linux 3.17) signal. This means that binary upgrade can result in the loss of the control over hosts. -But doing exec() from the main process seemed as an acceptable risk becuase the +But doing exec() from the main process seemed as an acceptable risk because the host doesn't have to maintain both old and new images this way. Memory is a scarce commodity on embedded devices! ## Notes on Arch For ARM, the codes are assigned for arches with major changes as per the -"industry standard". ARMV4T is the first and oldest Linux suppports. The thumb +"industry standard". ARMV4T is the first and oldest Linux supports. The thumb variant has been chosen because almost all ARM CPUs run Linux kernel with Thumb enabled. Major improvements and features were introduced with ARMV7(hfp) and AARCH64(more hfp registers and 64bit address space). Note that in order for a diff --git a/doc/fmts.md b/doc/fmts.md index e54a038..47ccafe 100644 --- a/doc/fmts.md +++ b/doc/fmts.md @@ -88,7 +88,7 @@ to determine the length of the data. Once the length of the data is unmasked, the data part of the masked entry data can be unmasked using the same algorithm. When the unmasked data entry is referenced and no longer needed, the entirety of the data must be masked back to the original form so that the data entries are -kept obsecure in memory. This should be done immediately by calling +kept obscure in memory. This should be done immediately by calling `prne_dvault_reset()`. Note that the total length of entries can be up to **around** 65,535 octets diff --git a/doc/htbt.md b/doc/htbt.md index 1a4bfd2..cc14379 100644 --- a/doc/htbt.md +++ b/doc/htbt.md 
@@ -1,14 +1,14 @@ # Heartbeart Protocol Spec The subsystem can work with DNS TXT records or over a TCP/IP connection. A -complete heartbeat connection consists of an **authoritive host** and a -**submissive host**. The authoritive host and the submissive host can be either -end of the TCP/IP connection. +complete heartbeat connection consists of an **authoritative host** and a +**submissive host**. The authoritative host and the submissive host can be +either end of the TCP/IP connection. Copyright (c) 2019-2022 David Timber <dxdt@dev.snart.me> **A session** is a series of messages identified by a single message id. A message is a combination of one or more frames. All messages begin with the -message header frame. The frame that should appear next depdens on the OP code +message header frame. The frame that should appear next depends on the OP code of the message header frame. A session is usually terminated by a message that indicates the end of the session. @@ -27,8 +27,8 @@ indicates the end of the session. * All message headers in a session share the same msg id * The OP code of a message header dictates the format of the following frame -The framinig protocol is designed so that multiple sessions can be pipelined -into a single TCP/IP connection or a DNS TXT record stream. +The framing protocol is designed so that multiple sessions can be pipelined into +a single TCP/IP connection or a DNS TXT record stream. ## Other Characteristics * Heartbeat Protocol is a big-endian protocol 
@@ -49,12 +49,12 @@ into a single TCP/IP connection or a DNS TXT record stream. ## TXT REC CNC Unlike conventional botnets, Proone instances(our jargon for "bots") are controlled by TXT DNS records containing one or more request sessions of an -authoritive host. In this scheme, Proone instances periodicallty query the +authoritative host. In this scheme, Proone instances periodically query the contents of the TXT records to parse and serve request messages as if they were -from a "real" authoritive host on the TLS connection. Any response data resulted -in the process is discarded. The serialised frames in the records are encoded in -base64 because most DNS management software do not accept binary data for the -value of TXT records. The +from a "real" authoritative host on the TLS connection. Any response data +resulted in the process is discarded. The serialised frames in the records are +encoded in base64 because most DNS management software do not accept binary data +for the value of TXT records. The spec([rfc1035](https://datatracker.ietf.org/doc/html/rfc1035#section-3.3) does not impose such restriction. @@ -102,7 +102,7 @@ regard it as a protocol error. Only public DNS servers which support DNS over TLS are used to counter lawful interception. The rationale behind this is that the DNS protocol is not -encrypted and ISPs or law enforcfements can easily filter out TXT REC CNC +encrypted and ISPs or law enforcements can easily filter out TXT REC CNC traffic simply by doing plain-text string search. Proone queries public DNS servers directly rather than using system functions. This eliminates the chance of ISP DNS servers giving false results. Using public DNS servers is also 
@@ -113,14 +113,15 @@ run CNC implementations for simple tasks like running shell scripts. There are 2 recommended applications. One typical application is having a `PRNE_HTBT_OP_HOVER`(Hand-over Command) request frame in TXT records to instruct -the instances to connect to servers running authoritive htbt implementations for -furthur instructions. The second application is having a +the instances to connect to servers running authoritative htbt implementations +for further instructions. The second application is having a `PRNE_HTBT_OP_RUN_CMD`(Execute) frame or a `PRNE_HTBT_OP_RUN_BIN`(Execute Binary Command) containing a simple minified shell script to be run on the hosts. Using CNC TXT records to transfer a large amount of data is possible but not -recommended. For Proone instances, quering TXT records, decoding base64 data and +recommended. For Proone instances, querying TXT records, decoding base64 data +and running a slave heartbeat context is a costly operation. ## M2M 
@@ -143,17 +144,17 @@ negotiation) string "prne-htbt" is also used to further ensure that the remote endpoint the implementation connects to is served by a Proone implementation serving heartbeat connections. -The Proone executables carry files necessray to set up TLS connections hardcoded +The Proone executables carry files necessary to set up TLS connections hardcoded in their binary. These files include the CA cert, a DH param, a cert and a private key for client connections and a cert and private key for server connections. -## Custom Authoritive Server Implementations +## Custom Authoritative Server Implementations In order to do things of complexity, it's recommended to implement an -authoritive server implementation and command Proone instances to take orders +authoritative server implementation and command Proone instances to take orders from the servers running the implementation. Load balancing can be done at the DNS level using techniques like round-robin DNS or GeoDNS. Once a Proone -instance connects to an authoritive server, the server can fully utilise the +instance connects to an authoritative server, the server can fully utilise the heartbeat protocol. To make an example, **proone-hostinfod** is implemented. ## Possible Use Cases @@ -170,7 +171,7 @@ systems(historically). the device resets it To make hosts run an arbitrary binary executable, `PRNE_HTBT_OP_HOST_INFO`(Host -Info Request) can be used to query the archeticture type of the host to select +Info Request) can be used to query the architecture type of the host to select a suitable binary for upload. This is what `proone-htbtclient upbin` command does to prepare the binary for the instance. 
@@ -236,7 +237,7 @@ that the NOOP messages always appear as `80 00 00` and `00 00 00` in binary. The special id value 0x7FFF is used to indicate a "notification session" in which the recipient host is not expected to produce any response messages for that session. For example, a Status message can be sent with the id 0x7FFF by -either host to report a protorol error. +either host to report a protocol error. #### OP Codes | Enum | Value | Name | Next Frame | @@ -286,7 +287,7 @@ either host to report a protorol error. | MaxLen | - | The status frame is used to describe the result of a request or an error -occurred. *err* is used to convey `errno` or a return value from the underlaying +occurred. *err* is used to convey `errno` or a return value from the underlying library. Note that the host CPU architecture may be using [unusual signed integer @@ -417,7 +418,7 @@ for the first time. The uuid is preserved across `exec()`(e.g. binary upgrade). zeroed-out uuid indicates that the *org_id* is not specified. **parent_uptime** is the number of seconds elapsed since the parent process has -started. **child_uptime** is the numer of seconds elapsed since the child +started. **child_uptime** is the number of seconds elapsed since the child process has been spawned by the parent process. The value 0xFFFFFFFF is used to indicate errors like integer overflow or unset value. @@ -447,7 +448,7 @@ The credential data can be used after being validated by searching for two zeroes, the last of which is at the end of the data, to prevent buffer overflow. This data is non-existent(*hc_len* is zero and there's no *hc* after the fixed-length part of the frame) if the host has been breached by means other -than brute foce login attacks. +than brute force login attacks. **bf** contains the flag bits to describe the attributes of the instance. The 
@@ -474,7 +475,7 @@ that follows after the host credential data. These flags are diagnostic flags. They are designed to examine the health of instances. For example, a bug in the BNE worker may cause a malformed executable on the target host, rendering the binary archive appended to the executable -useless. `WKR_*` flags are used to determine if the host is runnning low on +useless. `WKR_*` flags are used to determine if the host is running low on memory. Other examples are ... * Without the Recon worker(WKR_RCN unset), the instance cannot infect other @@ -513,10 +514,10 @@ for facilitating the use of bitfields. | Field | Description | | ------ | ------------------------------------------------------------------- | -| addr_4 | 32-bit IPv4 address of the authoritive host | -| port_4 | 16-bit unsigned integer IPv4 port of the authoritive host | -| addr_6 | 128-bit IPv6 address of the authoritive host | -| port_6 | 16-bit unsigned integer IPv6 port of the authoritive host | +| addr_4 | 32-bit IPv4 address of the authoritative host | +| port_4 | 16-bit unsigned integer IPv4 port of the authoritative host | +| addr_6 | 128-bit IPv6 address of the authoritative host | +| port_6 | 16-bit unsigned integer IPv6 port of the authoritative host | | Attribute | Value | | --------- | ---------------------------------------------------------------- | @@ -532,7 +533,7 @@ for facilitating the use of bitfields. | MaxLen | - | The hand-over frame is used to represent the socket addresses of another -authoritive host. Zeroed-out addresses(0.0.0.0 and ::) are used to represent +authoritative host. Zeroed-out addresses(0.0.0.0 and ::) are used to represent that the address is unspecified. If both IPv4 and IPv6 addresses are specified, the IPv6 address takes the precedence. This means that the use of IPv6 is favoured whenever IPv6 connectivity is available. 
@@ -626,7 +627,7 @@ with zero is illegal. Empty strings are permitted. | Field | Description | | --------- | ---------------------------------------------------------------- | -| alloc_len | 24-bit unsigned integer advisory preallocation length in octests | +| alloc_len | 24-bit unsigned integer advisory preallocation length in octets | | rsv | Not used | | D | Detach flag. 1 if the process has to be "detached". 0 Otherwise | | args_len | 10-bit unsigned integer length of args, in octets | 
@@ -647,17 +648,17 @@ with zero is illegal. Empty strings are permitted. The bin meta frame is an extension of the Command frames. -**alloc_len** is the length in octets advised by the authoritive implementation -for preallocation. The submissive implementation may choose to honor the field -to preallocate space on the file system using syscalls like `fallocate()`. The -implementations may choose to ignore the field. If the desired length cannot be -represented using the 24-bit field, the implementations may use the value -0xFFFFFF to indicate that the desired length is larger than 0xFFFFFF. Note that -the field does not represent the actual size of the executable. Therefore the -implementation must "dock" the file to the size of the actual data received if -it turns out to be shorter than *alloc_len*. +**alloc_len** is the length in octets advised by the authoritative +implementation for preallocation. The submissive implementation may choose to +honor the field to preallocate space on the file system using syscalls like +`fallocate()`. The implementations may choose to ignore the field. If the +desired length cannot be represented using the 24-bit field, the implementations +may use the value 0xFFFFFF to indicate that the desired length is larger than +0xFFFFFF. Note that the field does not represent the actual size of the +executable. Therefore the implementation must "dock" the file to the size of the +actual data received if it turns out to be shorter than *alloc_len*. -Refer to ###Command Frame section for furthur info. +Refer to ###Command Frame section for further info. ### STDIO Frame ``` 
@@ -697,7 +698,7 @@ data. **E**("err") is a flag used to indicate whether the frame holds the output of the standard error. This flag is only used by the submissive host in Execute and Execute Binary sessions. The frame with the flag set is illegal if sent by the -authoritive host. The flag is ignored when used in Binary Upgrade and Binary +authoritative host. The flag is ignored when used in Binary Upgrade and Binary Recombination sessions. **F**("fin") is a flag used to mark the final transmission of the channel. When @@ -793,9 +794,9 @@ type of the next frame. Some op codes define no next header nor following messages. In this case the initial message header is the only frame that appears in the session. -A new session is initiated when the authoritive host sends a message with a new -message id(randomly generated) and the I flag set. The hosts exchange messages -until the session is concluded. +A new session is initiated when the authoritative host sends a message with a +new message id(randomly generated) and the I flag set. The hosts exchange +messages until the session is concluded. ### No Operation ``` @@ -835,7 +836,7 @@ sessions like Execute/Execute Binary sessions. └─┘ └─┘ ``` -The Host Info session is initiated by the authoritive host to query the +The Host Info session is initiated by the authoritative host to query the information of the submissive end(the instance). The possible response from the submissive end can be following. @@ -871,8 +872,8 @@ submissive end can be following. └─┘ └─┘ ``` -The Hand-over session is initiated by the authoritive host when furthur the -subsmissive host should request further instructions from another authroitive +The Hand-over session is initiated by the authoritative host when further the +submissive host should request further instructions from another authoritative host. The request is served in the background and the connection continues. The possible status response: 
@@ -883,13 +884,13 @@ possible status response: * EAGAIN if the request queue reached the maximum size If the thread processing the request receives another Hand-over session sent by -another authoritive host, the thread increments the internal counter to enforce -the "redirection limit". +another authoritative host, the thread increments the internal counter to +enforce the "redirection limit". -When the submissive host establishes a TLS connection to another authoritive +When the submissive host establishes a TLS connection to another authoritative host, the submissive host is required to initiate a Solicit session to request -furthur instructions. Note that this is where the hosts switch places in the TLS -connection - the authoritive host becomes the server and the submissive host +further instructions. Note that this is where the hosts switch places in the TLS +connection - the authoritative host becomes the server and the submissive host client. ### Solicit Session @@ -904,12 +905,12 @@ client. └─┘ └─┘ ``` -The Solicit session is initiated by the subissive host after establishing a TLS -connection to another authoritive to carry out the Hand-over request. There is +The Solicit session is initiated by the submissive host after establishing a TLS +connection to another authoritative to carry out the Hand-over request. There is no next frame that follows the message. -The authoritive host may choose to reuse the message id used for the request to -initiate request to the submissive host. This is not a requirement and +The authoritative host may choose to reuse the message id used for the request +to initiate request to the submissive host. This is not a requirement and disregarding the message id in the Solicit message is not illegal. ### Execute Session 
@@ -1006,17 +1007,18 @@ function. The first string in the *args* field must be the absolute path to an executable on the host as per the usage of exec(). STDIO messages are used to transfer standard input and output data from and to -the child process. The authoritive host should send a STDIO frame with fin flag -so that `read()` on the standard input returns EOF in the child process. The -submissive host must notify the authoritive host with STDIO frames with fin flag -when the child process closes its standard output and standard error. Once both -outputs reached EOF, the submissive host reaps the child process to retrieve the -exit code, which is then sent over a Status frame to the authoritive host. +the child process. The authoritative host should send a STDIO frame with fin +flag so that `read()` on the standard input returns EOF in the child process. +The submissive host must notify the authoritative host with STDIO frames with +fin flag when the child process closes its standard output and standard error. +Once both outputs reached EOF, the submissive host reaps the child process to +retrieve the exit code, which is then sent over a Status frame to the +authoritative host. If an error occurs during the process, the submissive host will skip to sending -a status frame with errno. The authoritive host shouldn't expect and send -furthur STDIO messages. The submissive host may skip to sending a Status frame -with UNIMPL if it does not implement Execute sessions. +a status frame with errno. The authoritative host shouldn't expect and send +subsequent STDIO messages. The submissive host may skip to sending a Status +frame with UNIMPL if it does not implement Execute sessions. ### Binary Upgrade Session ``` 
@@ -1095,10 +1097,10 @@ executable using `exec()`. The Binary Meta frame contains the arguments to the `exec()` syscall which are honoured by the submissive host. STDIO frames are used for data transfer. The format of the new executable can be any format recognised by the host kernel(ELF or #! if the kernel supports it). The -authoritive host is responsible for providing the suitable executable for the +authoritative host is responsible for providing the suitable executable for the submissive host. Usually, the Host Info is queried to prepare the right executable for the host. The Status frame is used to deliver the result of the -data tranfer. In the event of an error, the submissive host does not wait for +data transfer. In the event of an error, the submissive host does not wait for the data transfer to finish before sending the Status frame. Upon successful upload, the Proone instance will attempt to `exec()` to the @@ -1294,7 +1296,7 @@ session. ## Protocol Error The protocol error is reported using a Status message. The status code PROTO_ERR is used. If the error is encountered in mid-session, the message id for the -session is used for the Status mesage. Otherwise, the special message id 0x7FFF +session is used for the Status message. Otherwise, the special message id 0x7FFF is used. A protocol error is raised when diff --git a/doc/impl.md b/doc/impl.md index 2d598ef..626378d 100644 --- a/doc/impl.md +++ b/doc/impl.md @@ -32,7 +32,7 @@ memory allocation failure from the parameter and the return value. if (n > 0 && ret == NULL) { ``` -All the memory allocated using the framework allocaiton functions(`prne_*()`) +All the memory allocated using the framework allocation functions(`prne_*()`) must be freed with `prne_free()`. ## Resource Allocation Hook diff --git a/doc/sws.md b/doc/sws.md index e62f721..f3fb45c 100644 --- a/doc/sws.md +++ b/doc/sws.md 
@@ -27,7 +27,7 @@ The subsystem is documented separately in [htbt.md](htbt.md). ### Recon The role of the Recon(RCN) worker is to discover nodes both on the internet and the link-local network. The worker instance takes a target network list and a -blacklist network list as parametres. */src/data/recon.samepl.conf* is the +blacklist network list as parameters. */src/data/recon.sample.conf* is the sample lists for **proone-recon**, and `PRNE_RCN_T_IPV4`, `PRNE_RCN_BL_IPV4`, `PRNE_RCN_T_IPV6` and `PRNE_RCN_BL_IPV6` macro defines are for hardcoded values in Proone. The `PRNE_RCN_PORTS` macro defines the target remote remote TCP ports @@ -38,7 +38,7 @@ At least one target network for each version of IP must be specified. You may choose to target all networks by specifying 0.0.0.0/0 and ::/0 respectively. For efficiency, you may specify the networks for special uses such as 127.0.0.0/8, 224.0.0.0/4, ::/128, ::1/128, 1::/64 and so on. You may or may not want to -blacklist private network addresses as devices sitting befine NATed networks. +blacklist private network addresses as devices sitting behind NATed networks. Note that the NATed devices still can be controlled by TXT REC CNC. However, NAT routers are usually low to mid-range devices so infecting too many devices on the private network can put strain on the NAT router. 
@@ -119,8 +119,8 @@ magic number 128(`PROONE_BNE_MAX_CNT`). The chance of an instance reaching this limit is rare. On most embedded devices, the process will run out of memory long before reaching this limit. After a certain point, further attempts to spawn a worker will fail with ENOMEM. Or it is possible that the BNE threads will start -suffering from starvation. For this reasion, the BNE workers have lowest -priority to minimise the starvation of other vital workers. +suffering from starvation. For this reason, the BNE workers have lowest priority +to minimise the starvation of other vital workers. ### Resolv The Resolv worker is a DNS resolver specifically designed for Proone. It is @@ -141,7 +141,7 @@ worker will circle through the name servers until the query times out. A short connection timeout value is used to achieve this. The Resolv worker supports basics only. It is capable of resolving TXT, A and -AAAA records. It does not depend on any system configuration. Only the harcoded +AAAA records. It does not depend on any system configuration. Only the hardcoded DoT public name servers are used and only the hardcoded TLS certificate and private key are used to make it difficult to analyze packets exchanged between the name servers and the process. @@ -160,7 +160,7 @@ sensitive data necessary for operation of Proone. DVault is a kempt version of the data table of Mirai. DVault also helps reduce the size of Proone. Each executable contains the *.data* section. If there's a long string in the program, the value of the string will end up in each *.data* section of the -executables. Compression leviates this issue but there's a limit because the +executables. Compression alleviate this issue but there's a limit because the size of data dictionary blocks can only get big. Having a custom *.data* section for large data solves this issue at the cost of the size of code for fetching and unmasking values from DVault. This implies that, in some cases, storing 
@@ -197,7 +197,7 @@ host. ├──────────────┤ │ │ ├──────────────┤ │ DVault │ ───────────────────────────╴│╶───── copy ──> │ DVault │ ├──────────────┤ │ │ ├──────────────┤ - │ BA index │ ───────────────────────────╴│╶─── udpate ──> │ BA index │ + │ BA index │ ───────────────────────────╴│╶─── update ──> │ BA index │ ├--------------┤ │ │ ├--------------┤ │ linux sh4 │ ────────────────────────┘ └── compress ──> │ linux armv4t │ │ linux i686 │ ───────────────────────────── recompress ──> │ linux i686 │ @@ -242,7 +242,7 @@ servers. The Recon worker supports discovery of IPv6 hosts on the network and IPv6 network targets. Proone always favours IPv6 connectivity. Whenever the instance connects to the -public DNS over TLS servers or an authoritive heartbeat host, it attempts to +public DNS over TLS servers or an authoritative heartbeat host, it attempts to establish both IPv4 and IPv6 connection. If both connections are established, the instance drops the IPv4 connection and uses IPv6 connection. The minor issue with this approach is when the IPv6 handshake process takes a little longer than @@ -271,7 +271,7 @@ host does not support, the syscall will fail with `ENOSYS`. If the feature requiring the new API can be silently switched off at runtime, removal of the macro is recommended. -The Linux kernel is highly configurable. Pesudo file systems and the device file +The Linux kernel is highly configurable. Pseudo file systems and the device file system may not be present on a Linux host since they can be disabled. Disabling any of these file systems is unusual for PCs but practical on embedded devices. Proone do not assume that these file systems are available on the host and try 
@@ -292,7 +292,7 @@ and serve the local backdoor connections while unable to infecting the other devices on the network. Proone does not reattempt to start the workers it failed to run on start. The assumption is that the system is already running with its memory full to the brim and it's futile to wait for resource it failed to claim -as it's likley that the other services on the system will claim the reource at +as it's likely that the other services on the system will claim the resource at some point. Proone does cooperative multitasking by using **Pthsem** library. This is one @@ -300,7 +300,7 @@ of many efforts to "run lean" whereby restricting CPU usage to one logical thread. This may seem as a huge missed opportunity if Proone scores infecting itself onto a beefy multi-core system. Keep in mind that Proone is designed to run on resource-scarce embedded devices. Most poorly-designed vulnerable devices -will be single core, anways. The strategy is getting the most small-powered +will be single core, anyway. The strategy is getting the most small-powered devices infected rather than having a few infected high-performance systems. ### Ephemeral Presence @@ -323,7 +323,7 @@ memory-backed file systems, Proone eliminates the change of traces of the executable being left on non-volatile storage devices. The executable size of Proone is quite big since it carries executable for other platforms. On most embedded devices, the size of SPI flash memory is small while the RAM is -reletively spacious. So it would be unwise to use just any mount point. +relatively spacious. So it would be unwise to use just any mount point. ## Dependencies The dependencies for Proone have been kept to absolute necessities. libssh2 is 
@@ -362,7 +362,7 @@ proone-htbtclient. MariaDB for DB backend. * /src/proone.bin: Proone instance executable ELF part only (not runnable) * /src/proone-bne: standalone bne tool for testing and deployment of an index case(P0) -* /src/proone-hostinfod: hostinfo daemon, an example of authoritive heartbeat +* /src/proone-hostinfod: hostinfo daemon, an example of authoritative heartbeat implementation * /src/proone-htbtclient: heartbeat client, Proone instance maintenance tool * /src/proone-htbthost: standalone heartbeat worker for testing @@ -422,7 +422,7 @@ proone-htbtclient. MariaDB for DB backend. * /src/pack.h: packaging facilities for binary archive and nybin * /src/proone-bne.c: standalone bne * /src/proone.c: Proone instance -* /src/proone.h: Proone instnace +* /src/proone.h: Proone instance * /src/proone_conf.skel/config.h: domain-specific configuration * /src/proone_conf.skel/x509.h: domain-specific PKI data * /src/proone-hostinfod.c: hostinfo daemon diff --git a/src/bne.h b/src/bne.h index 1adf723..543fe75 100644 --- a/src/bne.h +++ b/src/bne.h @@ -93,7 +93,7 @@ typedef enum prne_bne_vector prne_bne_vector_t; struct prne_bne_param { // The cred dict to use for brute force login (optional) const prne_cred_dict_t *cred_dict; - // The SSL config object for authoritive heartbeat client connections + // The SSL config object for authoritative heartbeat client connections // (optional) mbedtls_ssl_config *htbt_ssl_conf; /** diff --git a/src/htbt.c b/src/htbt.c index 143081b..bc9e23e 100644 --- a/src/htbt.c +++ b/src/htbt.c @@ -988,7 +988,7 @@ static bool htbt_relay_child_evflush ( */ errno = EPIPE; } - // It's up to authoritive end to decide if they should raise SIGPIPE + // It's up to authoritative end to decide if they should raise SIGPIPE prne_pth_reset_timer(ev, &HTBT_SLV_SCK_OP_TIMEOUT); htbt_slv_send_status( ctx, diff --git a/src/resolv.h b/src/resolv.h index 6e6d4f0..2862ed4 100644 --- a/src/resolv.h +++ b/src/resolv.h 
@@ -218,7 +218,7 @@ extern const prne_resolv_ns_pool_t PRNE_RESOLV_DEF_IPV6_POOL; // The DNS record types as per RFC 1035 3.2.2 and RFC 3596 #define PRNE_RESOLV_RTYPE_A 1 // A host address -#define PRNE_RESOLV_RTYPE_NS 2 // An authoritive name server +#define PRNE_RESOLV_RTYPE_NS 2 // An authoritative name server #define PRNE_RESOLV_RTYPE_CNAME 5 // The canonical name for an alias // Marks the start of a zone of authority #define PRNE_RESOLV_RTYPE_SOA 6 -- cgit
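Review bot: in the .vscode/settings.json hunk, adding `"Heartbeart"` to `cSpell.words` whitelists a misspelling of "Heartbeat" rather than fixing it; the word only needs whitelisting because the `# Heartbeart Protocol Spec` heading in doc/htbt.md still carries the typo, so correct the heading and drop the entry from the list. A second point on the same hunk: `"cSpell.language": "en,en-GB"` accepts both US and British spellings at once, which is why `honor the field` in the doc/htbt.md bin-meta hunk and `honoured by the submissive host` in the Binary Upgrade hunk both pass the checker; settling on one dictionary would keep the docs from drifting between the two.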
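Review bot: the `@@ -1,14 +1,14 @@` hunk of doc/htbt.md leaves the heading `# Heartbeart Protocol Spec` unchanged while fixing "authoritive" and "depdens" two lines below it; this is the most visible typo in the file and belongs in a spelling-check commit, so change it to `# Heartbeat Protocol Spec` here.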
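Review bot: in the `@@ -49,12 +49,12 @@` hunk of doc/htbt.md the rewrapped lines keep two grammatical slips: "Any response data resulted in the process is discarded" reads better as "Any response data resulting from the process is discarded", and "most DNS management software do not accept" should be "does not accept" (software is a mass noun). Since the lines are being rewritten anyway, fold these in.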
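Review bot: in the `@@ -871,8 +872,8 @@` hunk of doc/htbt.md the new text "initiated by the authoritative host when further the submissive host should request further instructions" still has the stray "further" after "when", which leaves the sentence ungrammatical; suggest "initiated by the authoritative host when the submissive host should request further instructions from another authoritative host".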
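Review bot: in the `@@ -904,12 +905,12 @@` hunk of doc/htbt.md the line "connection to another authoritative to carry out the Hand-over request" is missing its noun; it should read "to another authoritative host to carry out the Hand-over request", matching the wording used elsewhere in the file.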
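Review bot: in the `@@ -1006,17 +1007,18 @@` hunk of doc/htbt.md, "The authoritative host shouldn't expect and send subsequent STDIO messages" should be "shouldn't expect or send"; as written it reads as a single combined action rather than the two separate prohibitions the protocol intends.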
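Review bot: the `@@ -27,7 +27,7 @@` hunk of doc/sws.md fixes "parametres" and the sample-conf path but leaves the duplicated word in the trailing context line "the target remote remote TCP ports"; since this commit is a spelling pass over the docs, drop the repeated "remote" while here.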
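Review bot: in the `@@ -160,7 +160,7 @@` hunk of doc/sws.md the replacement line "Compression alleviate this issue but there's a limit" introduces a subject-verb disagreement; it should be "Compression alleviates this issue". Worth a second look before merging since this line is the one being changed.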