Jjk422 edited this page Jul 28, 2016 · 15 revisions

# SecGen schemas

SecGen currently has 5 schemas:

  1. base_metadata_schema.xsd
  2. network_metadata_schema.xsd
  3. scenario_schema.xsd
  4. service_metadata_schema.xsd
  5. vulnerability_metadata_schema.xsd

## Where are the schemas found?

All schemas can be found under the directory SecGen/lib/schemas/.

## What do the schemas actually do?

Each schema ensures all secgen_metadata.xml files and scenario files have a valid structure with valid values.

## The base schema

The base_metadata_schema.xsd schema controls the base tag. The options for the base tag are:

| Tag | Attributes | Values |
| --- | --- | --- |
| {Required values} | name | any |
| | author | any |
| | module_licence | MIT, Apache v2, GPLv3 |
| | description | any |
| | type | server, desktop, cli |
| | platform | any |
| | distro | any |
| | url | any |
| {Optional values} | reference | any |
| | software_name | any |
| | software_licence | any |
| {} | conflict | module_path = any, name = any, author = any, module_licence = any, description = any, type = any, platform = any, distro = any, url = any, vagrantbase = any, reference = any, software_licence = any |
| {} | requires | module_path = any, name = any, author = any, module_licence = any, description = any, type = any, platform = any, distro = any, url = any, vagrantbase = any, reference = any, software_licence = any |

## In other words

### Bases

Minimal secgen_metadata.xml

```xml
<?xml version="1.0"?>

<base xmlns="http://www.github/cliffe/SecGen/base"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.github/cliffe/SecGen/base">
  <name>"String"</name>
  <author>"String"</author>
  <module_licence>MIT // Apache v2 // GPLv3</module_licence>
  <description>"String"</description>
  <type>server // desktop // cli</type>
  <platform>"String"</platform>
  <distro>"String"</distro>
  <url>"String"</url>
</base>
```

Maximum secgen_metadata.xml

```xml
<?xml version="1.0"?>

<base xmlns="http://www.github/cliffe/SecGen/base"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.github/cliffe/SecGen/base">
  <name>"String"</name>
  <author>"String"</author>
  <module_licence>MIT // Apache v2 // GPLv3</module_licence>
  <description>"String"</description>
  <type>server // desktop // cli</type>
  <platform>"String"</platform>
  <distro>"String"</distro>
  <url>"String"</url>
  <reference>"String"</reference>
  <software_name>"String"</software_name>
  <software_licence>"String"</software_licence>

  <conflict>
    <module_path>"String"</module_path>
    <name>"String"</name>
    <author>"String"</author>
    <module_licence>"String"</module_licence>
    <description>"String"</description>
    <type>"String"</type>
    <platform>"String"</platform>
    <distro>"String"</distro>
    <url>"String"</url>
    <vagrantbase>"String"</vagrantbase>
    <reference>"String"</reference>
    <software_licence>"String"</software_licence>
  </conflict>

  <requires>
    <module_path>"String"</module_path>
    <name>"String"</name>
    <author>"String"</author>
    <module_licence>"String"</module_licence>
    <description>"String"</description>
    <type>"String"</type>
    <platform>"String"</platform>
    <distro>"String"</distro>
    <url>"String"</url>
    <vagrantbase>"String"</vagrantbase>
    <reference>"String"</reference>
    <software_licence>"String"</software_licence>
  </requires>
</base>
```

Minimal network secgen_metadata.xml module

```xml
<?xml version="1.0"?>

<network xmlns="http://www.github/cliffe/SecGen/network"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/network">
  <name></name>
  <author></author>
  <module_license>MIT // Apache v2 // GPLv3</module_license>
  <description></description>
  <type>public_network // private_network</type>
  <range>***.***.***.*** where * is 0-9</range>
</network>
```

Maximum network secgen_metadata.xml module

```xml
<?xml version="1.0"?>

<network xmlns="http://www.github/cliffe/SecGen/network"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/network">
  <name></name>
  <author></author>
  <module_license>MIT // Apache v2 // GPLv3</module_license>
  <description></description>
  <type>public_network // private_network</type>
  <range>***.***.***.*** where * is 0-9</range>

  <conflict>
    <name></name>
    <author></author>
    <module_license></module_license>
    <description></description>
    <type></type>
    <range></range>
  </conflict>
</network>
```

Services secgen_metadata.xml

```xml
<?xml version="1.0"?>

<service xmlns="http://www.github/cliffe/SecGen/service"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/service">
  <name>""</name>
  <author>""</author>
  <module_license>MIT // Apache v2</module_license>
  <description>""</description>
  <type>""</type>
  <platform>linux // unix // windows</platform>

  <!--optional details-->
  <reference>""</reference>
  <software_name>""</software_name>
  <software_license>""</software_license>

  <!--Conflicts ensure no duplicate software installations-->
  <software_name>""</software_name>
  <conflict>
    <module_path>""</module_path>
    <name>""</name>
    <author>""</author>
    <module_license>""</module_license>
    <description>""</description>
    <type>""</type>
    <platform>linux // unix // windows</platform>
    <reference>""</reference>
    <software_name>""</software_name>
    <software_license>""</software_license>
  </conflict>

  <!--Requires ensures all prerequisite modules installed-->
  <requires>
    <module_path>""</module_path>
    <name>""</name>
    <author>""</author>
    <module_license>""</module_license>
    <description>""</description>
    <type>""</type>
    <platform>linux // unix // windows</platform>
    <reference>""</reference>
    <software_name>""</software_name>
    <software_license>""</software_license>
  </requires>
</service>
```

Vulnerability secgen_metadata.xml

```xml
<?xml version="1.0"?>

<vulnerability xmlns="http://www.github/cliffe/SecGen/vulnerability"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="http://www.github/cliffe/SecGen/vulnerability">
  <name>""</name>
  <author>""</author>
  <module_license>MIT // Apache v2</module_license>
  <description>""</description>
  <type>""</type>
  <privilege>information_leakage // user // root</privilege> <!-- Todo: need to add information leakage to privilege -->
  <access>remote // local</access>
  <platform>linux // unix // windows</platform>

  <!--optional vulnerability details-->
  <difficulty>low // medium // high</difficulty>
  <cve>CVE-[0-9]{4}-[0-9]{1,39}</cve>
  <cvss_base_score>*.* where * is 0-9</cvss_base_score>
  <cvss_vector>AV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)</cvss_vector>
  <reference>""</reference>
  <software_name>nfsd</software_name>
  <software_license>GPLv2</software_license>

  <!--optional breadcrumb (info that is leaked and required to exploit)-->
  <breadcrumb>""</breadcrumb>

  <!--optional hints-->
  <msf_module>exploit/[a-zA-Z0-9_\-/]+</msf_module>
  <hint>""</hint>
  <solution>""</solution>

  <conflict>
    <module_path>""</module_path>
    <name>""</name>
    <author>""</author>
    <module_license>""</module_license>
    <description>""</description>
    <type>""</type>
    <privilege>user // root</privilege>
    <access>remote // local</access>
    <platform>linux // unix // windows</platform> <!-- need to add windows to schema -->
    <difficulty>low // medium // high</difficulty>
    <cve>CVE-[0-9]{4}-[0-9]{1,39}</cve>
    <cvss_base_score>*.* where * is 0-9</cvss_base_score>
    <cvss_vector>AV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)</cvss_vector>
    <reference>""</reference>
    <software_name>""</software_name>
    <software_license>""</software_license>
    <breadcrumb>""</breadcrumb>
    <msf_module>exploit/[a-zA-Z0-9_\-/]+</msf_module>
    <hint>""</hint>
    <solution>""</solution>
  </conflict>

  <requires>
    <module_path>""</module_path>
    <name>""</name>
    <author>""</author>
    <module_license>""</module_license>
    <description>""</description>
    <type>""</type>
    <privilege>user // root</privilege>
    <access>remote // local</access>
    <platform>linux // unix // windows</platform> <!-- need to add windows to schema -->
    <difficulty>low // medium // high</difficulty>
    <cve>CVE-[0-9]{4}-[0-9]{1,39}</cve>
    <cvss_base_score>*.* where * is 0-9</cvss_base_score>
    <cvss_vector>AV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)</cvss_vector>
    <reference>""</reference>
    <software_name>""</software_name>
    <software_license>""</software_license>
    <breadcrumb>""</breadcrumb>
    <msf_module>exploit/[a-zA-Z0-9_\-/]+</msf_module>
    <hint>""</hint>
    <solution>""</solution>
  </requires>
</vulnerability>
```
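
The value rules in the vulnerability template above, written as a stand-alone Ruby check using REXML. This is an added example, not SecGen's own code: the function name `check_vulnerability_metadata`, the required-field list and the sample XML are assumptions made for illustration.

```ruby
require 'rexml/document'

# Value rules from the vulnerability template on this page. An XSD pattern must
# match the whole value; in Ruby that needs \A...\z, because ^ and $ match at
# line breaks and would accept a valid first line followed by anything.
RULES = {
  'privilege'       => /\A(information_leakage|user|root)\z/,
  'access'          => /\A(remote|local)\z/,
  'platform'        => /\A(linux|unix|windows)\z/,
  'difficulty'      => /\A(low|medium|high)\z/,
  'cve'             => /\ACVE-[0-9]{4}-[0-9]{1,39}\z/,
  'cvss_base_score' => /\A[0-9]\.[0-9]\z/, # "*.*" read as one digit each side
  'cvss_vector'     => %r{\AAV:(L|A|N)/AC:(H|M|L)/Au:(M|S|N)/C:(N|P|C)/I:(N|P|C)/A:(N|P|C)\z},
  'msf_module'      => %r{\Aexploit/[a-zA-Z0-9_\-/]+\z}
}.freeze
# Assumption: fields listed before "optional vulnerability details" are required.
REQUIRED = %w[name author module_license description type privilege access platform].freeze

# Returns a list of problems; an empty list means the metadata passed.
def check_vulnerability_metadata(xml)
  root = REXML::Document.new(xml).root
  return ['root element is not <vulnerability>'] unless root&.name == 'vulnerability'

  # Direct children only: <conflict>/<requires> describe other modules.
  fields = root.children.grep(REXML::Element)
  problems = (REQUIRED - fields.map(&:name)).map { |tag| "missing required <#{tag}>" }
  fields.each do |el|
    rule = RULES[el.name]
    next if rule.nil? || rule.match?(el.text.to_s)
    problems << "<#{el.name}> has invalid value #{el.text.to_s.inspect}"
  end
  problems
end

# Constructed sample metadata (not a real SecGen module; the CVE is a placeholder).
GOOD = <<~XML
  <vulnerability xmlns="http://www.github/cliffe/SecGen/vulnerability">
    <name>demo</name><author>demo</author><module_license>MIT</module_license>
    <description>demo</description><type>demo</type>
    <privilege>root</privilege><access>remote</access><platform>linux</platform>
    <cve>CVE-0000-0000</cve><cvss_base_score>5.0</cvss_base_score>
    <cvss_vector>AV:N/AC:L/Au:N/C:P/I:N/A:N</cvss_vector>
    <msf_module>exploit/demo/placeholder_module</msf_module>
  </vulnerability>
XML
BAD = GOOD.sub('<access>remote</access>', '')
          .sub('<privilege>root</privilege>', '<privilege>admin</privilege>')
          .sub('CVE-0000-0000', "CVE-0000-0000\nextra")
puts check_vulnerability_metadata(BAD)
```

Under the one-digit reading of `*.*`, a `cvss_base_score` of 10.0 is rejected; widen that rule if the schema is meant to allow it.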