Jjk422 edited this page Aug 4, 2016 · 5 revisions


What are services?

Services, in relation to SecGen, are secure programs that are linked to a network service socket.

What are service modules?

Service modules are SecGen modules that install and configure secure services on the generated virtual machine.
Services are usually installed to a network service socket.
Because services are installed on network service sockets, scanning tools detect both secure and non-secure services, so the two must be differentiated before the machine can be exploited.

Where do secure non-network-socket services go?

Non-networked services can be found in the utility modules directory.

Where are service modules stored?

Service modules are stored in the services directory. A simplified view of the SecGen file structure down to the services directory is shown below:

/SecGen
  /modules
    /services

How is the services directory structured?

The services folder is structured as shown below:

/services
  /unix
    /{service_type}
      /{service_name}
      /{service_name}
  /windows
    /{service_type}
      /{service_name}
      /{service_name}

{service_type}:  
The service module type, e.g. http
  
{service_name}:  
The name of the service module

What do service modules actually contain?

Service modules have the following structure:

/{service_name}
  /examples
    /...
  /files
    /example.file
  /lib
    /...
  /manifests
    /install.pp
    /config.pp
    /service.pp
  /spec
    /...
  /templates
    /example.erb
  /{service_name}.pp
  /secgen_metadata.xml

{service_name}:  
The name of the service module

More information on the different files and directories plus how they are used can be found in the module development overview.

A full overview of SecGen's module structure can be found here.

What does secgen_metadata.xml actually contain?

The secgen_metadata.xml files for the service modules are based on the following structure:

Minimal service secgen_metadata.xml file

<?xml version="1.0"?>
<service xmlns="http://www.github/cliffe/SecGen/service"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/service">

         <name>""</name>
         <author>""</author>
         <module_license>MIT // Apache v2</module_license>
         <description>""</description>
         <type>""</type>
         <platform>linux // unix // windows</platform>
</service>

All values service secgen_metadata.xml file

<?xml version="1.0"?>
<service xmlns="http://www.github/cliffe/SecGen/service"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/service">

         <name>""</name>
         <author>""</author>
         <module_license>MIT // Apache v2</module_license>
         <description>""</description>
         <type>""</type>
         <platform>linux // unix // windows</platform>

         <!--optional details-->
         <reference>""</reference>
         <software_name>""</software_name>
         <software_license>""</software_license>

         <!--Conflicts ensure no duplicate software installations-->
         <conflict>
                  <software_name>""</software_name>
                  <module_path>""</module_path>
                  <name>""</name>
                  <author>""</author>
                  <module_license>""</module_license>
                  <description>""</description>
                  <type>""</type>
                  <platform>linux // unix // windows</platform>
                  <reference>""</reference>
                  <software_name>""</software_name>
                  <software_license>""</software_license>
         </conflict>

         <!--Requires ensures all prerequisite modules installed-->
         <requires>
                  <module_path>""</module_path>
                  <name>""</name>
                  <author>""</author>
                  <module_license>""</module_license>
                  <description>""</description>
                  <type>""</type>
                  <platform>linux // unix // windows</platform>
                  <reference>""</reference>
                  <software_name>""</software_name>
                  <software_license>""</software_license>
         </requires>
</service>

The structure of the service modules secgen_metadata.xml can be found here.

Where can I get new service modules from?

New service modules can be created by importing Puppet modules from places like the Puppet Forge and modifying them to fit SecGen's module structure.

How do I import services from the Puppet Forge?

SecGen uses Puppet to provision its modules to the generated virtual machine. This guide details the development process and provisioning of the Apache Puppet module found on the Puppet Forge.

Although this tutorial uses the Linux terminal, other ways exist of doing the same steps. Using terminal commands removes software and GUI requirements for users.

Download Puppet Module

Puppet modules can be found on the Puppet Forge. The example used in this tutorial is example42/apache.

First, download the Puppet module to your development machine:

wget https://forgeapi.puppetlabs.com/v3/files/example42-apache-2.1.12.tar.gz

Next, create a directory in the correct directory path for your selected module. In this case we are installing a secure service, so it will be under the /services directory.

This service module can be stored in the http subdirectory:

mkdir SecGen/modules/services/unix/http

However, if no subdirectory exists for the service type, the subdirectory can be created with this command:

mkdir SecGen/modules/services/unix/{new_service_type}

Next, extract the contents of the Puppet module downloaded earlier into the newly created directory:

tar -xvf example42-apache-2.1.12.tar.gz -C ~/{path_to_SecGen}/SecGen/modules/services/unix/http/

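Finally, rename the extracted directory to a simpler name:

mv ~/{path_to_SecGen}/SecGen/modules/services/unix/http/example42-apache-2.1.12 ~/{path_to_SecGen}/SecGen/modules/services/unix/http/apache

Now your services directory structure should look something like this: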

/SecGen
  /modules
    /services
      /unix
        /http
          /apache
            /lib
            /spec
            /manifests
            /templates
            /tests

Manifest file

In order to execute the module, a manifest file needs to be created. This manifest should have the same name as the module.

The Puppet manifest should call the class for the module. This differs between Puppet modules and is usually included in the module documentation. For this example, we are going to install Apache with the default configuration:

class { "apache": }

SecGen_Metadata.xml

The SecGen metadata stores information about the Puppet module that is used in the SecGen module selection process. See the current XML Schema for an up-to-date representation of what this should look like.

Testing the module

The module can be tested by strictly specifying that this module be included in the scenario.xml:

<service type="http" name="apache"></service>

or

<service module_path="modules/services/unix/http/apache"></service>

When SecGen is run, there should be some verbose output from Vagrant specifying that the Apache server has been installed and started.

How do I create my own service modules?