Update upstream source from tag 'upstream/3.18.1'
Update to upstream version '3.18.1'
with Debian dir 42f27413417ed6450f1adba6f62e92d6a31dcf62
Sophie Brun
2 years ago
2 | 2 | stage: publish |
3 | 3 | before_script: |
4 | 4 | script: |
5 | - git config remote.github.url >/dev/null || git remote add github https://${GH_TOKEN}@github.com/infobyte/faraday.git | |
5 | - git remote set-url github https://${GH_USER}:${GH_TOKEN}@github.com/infobyte/faraday.git | |
6 | 6 | - export FARADAY_VERSION=$(eval $IMAGE_TAG) |
7 | 7 | - CHANGELOG/check_pre_tag.py |
8 | 8 | - git push github $CI_COMMIT_TAG:master |
0 | qa_integration: | |
0 | .qa_integration: | |
1 | 1 | stage: upload_testing |
2 | 2 | variables: |
3 | 3 | REMOTE_BRANCH: $CI_COMMIT_REF_NAME |
0 | * Remove attachments in vulns filter endpoint | |
1 | * Add open and confirmed vulns in workspace stats | |
2 | * Add migration disabling several notifications. | |
3 | * Add user id to session API endpoint | |
4 | * Add cve to vulnerability model | |
5 | * Change funcs to views | |
6 | * FIX report import | |
7 | * Add `last_run_agent_date` field to workspace endpoint | |
8 | * Fix cve parsing in `vulnerability create` and `bulk create` | |
9 | * ADD check if postgres db is running during server start | |
10 | * Fix order_by in filters api | |
11 | * Fix 500 status code with invalid executor arguments |
0 | Oct 21st, 2021 |
0 | Fix CVE issue |
0 | Nov 5th, 2021 |
0 | New features in the latest update | |
1 | ===================================== | |
2 | ||
3 | ||
4 | 3.17.1 [Aug 20th, 2021]: | |
5 | --- | |
6 | * FIX bug when starting the server, creates a pool for reporting that breaks. | |
7 | ||
8 | 3.17.0 [Aug 10th, 2021]: | |
9 | --- | |
10 | * ADD `--data` parameter to `faraday-manage settings` | |
11 | * MOD Process report files in a separate process | |
12 | * MOD Make `bulk_create` requests asynchronous | |
13 | ||
14 | 3.16.1 [Jul 2nd, 2021]: | |
15 | --- | |
16 | * MOD only show settings of this version in faraday-manage settings | |
17 | * FIX update minimum version of click dependency | |
18 | ||
19 | 3.16.0 [Jun 29th, 2021]: | |
20 | --- | |
21 | * BREAKING CHANGE: API V2 discontinued | |
22 | * BREAKING CHANGE: Changed minimum version of python to 3.7 | |
23 | * ADD agent parameters has types (protocol with agent and its APIs) | |
24 | * ADD move settings from `server.in` to a db model | |
25 | * ADD (optional) query logs | |
26 | * MOD new threads management | |
27 | * MOD vulnerabilities' endpoint no longer loads evidence unless requested with `get_evidence=true` | |
28 | * FIX now it is not possible to create workspace of name "filter" | |
29 | * FIX bug with dates in the future | |
30 | * FIX bug with click 8 | |
31 | * FIX bug using --port command | |
32 | * FIX endpoints returning 500 as status code | |
33 | * REMOVE the need tom CSRF token from evidence upload api | |
34 | ||
35 | 3.15.0 [May 18th, 2021]: | |
36 | --- | |
37 | * ADD `Basic Auth` support | |
38 | * ADD support for GET method in websocket_tokens, POST will be deprecated in the future | |
39 | * ADD CVSS(String), CWE(String), CVE(relationship) columns to vulnerability model and API | |
40 | * ADD agent token's API says the renewal cycling duration | |
41 | * MOD Improve database model to be able to delete workspaces fastly | |
42 | * MOD Improve code style and uses (less flake8 exceptions, py3 `super` style, Flask app as singleton, etc) | |
43 | * MOD workspaces' names regex to verify they cannot contain forward slash (`/`) | |
44 | * MOD Improve bulk create logs | |
45 | * FIX Own schema breaking Marshmallow 3.11.0+ | |
46 | * UPD flask_security_too to version 4.0.0+ | |
47 | ||
48 | 3.14.4 [Apr 15th, 2021]: | |
49 | --- | |
50 | * Updated plugins package, which update appscan plugin | |
51 | ||
52 | 3.14.3 [Mar 30th, 2021]: | |
53 | --- | |
54 | * MOD MAYOR Breaking change: Use frontend from other repository | |
55 | * ADD `last_run` to executors and agents | |
56 | * ADD ignore info vulns option (from faraday-plugins 1.4.3) | |
57 | * ADD invalid logins are registered in `audit.log` | |
58 | * ADD agent registration tokens are now 6-digit short and automatically regenerated every 30 seconds | |
59 | * MOD Fix logout redirect loop | |
60 | * REMOVE support for native SSL | |
61 | ||
62 | 3.14.2 [Feb 26th, 2021]: | |
63 | --- | |
64 | * ADD New plugins: | |
65 | * microsoft baseline security analyzer | |
66 | * nextnet | |
67 | * openscap | |
68 | * FIX old versions of Nessus plugins bugs | |
69 | ||
70 | 3.14.1 [Feb 17th, 2021]: | |
71 | --- | |
72 | * ADD forgot password | |
73 | * ADD update services by bulk_create | |
74 | * ADD FARADAY_DISABLE_LOGS varibale to disable logs to filesystem | |
75 | * ADD security logs in `audit.log` file | |
76 | * UPD security dependency Flask-Security-Too v3.4.4 | |
77 | * MOD rename total_rows field in filter host response | |
78 | * MOD improved Export cvs performance by reducing the number of queries | |
79 | * MOD sanitize the content of vulns' request and response | |
80 | * MOD dont strip new line in description when exporting csv | |
81 | * MOD improved threads management on exception | |
82 | * MOD improved performance on vulnerability filter | |
83 | * MOD improved [API documentation](www.api.faradaysec.com) | |
84 | * FIX upload a report with invalid custom fields | |
85 | * ADD v3 API, which includes: | |
86 | * All endpoints ends without `/` | |
87 | * `PATCH {model}/id` endpoints | |
88 | * ~~Bulk update via PATCH `{model}` endpoints~~ In a future release | |
89 | * ~~Bulk delete via DELETE `{model}` endpoints~~ In a future release | |
90 | * Endpoints removed: | |
91 | * `/v2/ws/<workspace_id>/activate/` | |
92 | * `/v2/ws/<workspace_id>/change_readonly/` | |
93 | * `/v2/ws/<workspace_id>/deactivate/` | |
94 | * `/v2/ws/<workspace_name>/hosts/bulk_delete/` | |
95 | * `/v2/ws/<workspace_name>/vulns/bulk_delete/` | |
96 | * Endpoints updated: | |
97 | * `/v2/ws/<workspace_name>/vulns/<int:vuln_id>/attachments/` => \ | |
98 | `/v3/ws/<workspace_name>/vulns/<int:vuln_id>/attachment` | |
99 | ||
100 | 3.14.0 [Dec 23th, 2020]: | |
101 | --- | |
102 | * ADD RESTless filter to multiples views, improving the searchs | |
103 | * ADD "extras" modal in options menu, linking to other Faraday resources | |
104 | * ADD `import vulnerability templates` command to faraday-manage | |
105 | * ADD `generate nginx config` command to faraday-manage | |
106 | * ADD vulnerabilities severities count to host | |
107 | * ADD Active Agent columns to workspace | |
108 | * ADD critical vulns count to workspace | |
109 | * ADD `Remember me` login option | |
110 | * ADD distinguish host flag | |
111 | * ADD a create_date field to comments | |
112 | * FIX to use new webargs version | |
113 | * FIX Custom Fields view in KB (Vulnerability Templates) | |
114 | * FIX bug on filter endpoint for vulnerabilities with offset and limit parameters | |
115 | * FIX bug raising `403 Forbidden` HTTP error when the first workspace was not active | |
116 | * FIX bug when changing the token expiration change | |
117 | * FIX bug in Custom Fields type Choice when choice name is too long. | |
118 | * FIX Vulnerability Filter endpoint Performance improvement using joinedload. Removed several nplusone uses | |
119 | * MOD Updating the template.ini for new installations | |
120 | * MOD Improve SMTP configuration | |
121 | * MOD The agent now indicates how much time it had run (faraday-agent-dispatcher v1.4.0) | |
122 | * MOD Type "Vulnerability Web" cannot have "Host" type as a parent when creating data in bulk | |
123 | * MOD Expiration default time from 1 month to 12 hour | |
124 | * MOD Improve data reference when uploading a new report | |
125 | * MOD Refactor Knowledge Base's bulk create to take to take also multiple creation from vulns in status report. | |
126 | * MOD All HTTP OPTIONS endpoints are now public | |
127 | * MOD Change documentation and what's new links in about | |
128 | * REMOVE Flask static endpoint | |
129 | * REMOVE of our custom logger | |
130 | ||
131 | 3.12 [Sep 3rd, 2020]: | |
132 | --- | |
133 | * Now agents can upload data to multiples workspaces | |
134 | * Add agent and executor data to Activity Feed | |
135 | * Add session timeout configuration to server.ini configuration file | |
136 | * Add hostnames to already existing hosts when importing a report | |
137 | * Add new faraday background image | |
138 | * Display an error when uploading an invalid report | |
139 | * Use minimized JS libraries to improve page load time | |
140 | * Fix aspect ratio distortion in evidence tab of vulnerability preview | |
141 | * Fix broken Knowledge Base upload modal | |
142 | * Fix closing of websocket connections when communicating with Agents | |
143 | * Change Custom Fields names in exported CSV to make columns compatible with | |
144 | `faraday_csv` plugin | |
145 | * Fix import CSV for vuln template: some values were overwritten with default values. | |
146 | * Catch errors in faraday-manage commands when the connection string is not | |
147 | specified in the server.ini file | |
148 | * Fix bug that generated a session when using Token authentication | |
149 | * Fix bug that requested to the API when an invalid filter is used | |
150 | * Cleanup old sessions when a user logs in | |
151 | * Remove unmaintained Flask-Restless dependency | |
152 | * Remove pbkdf2\_sha1 and plain password schemes. We only support bcrypt | |
153 | ||
154 | 3.11.2: | |
155 | --- | |
156 | ||
157 | 3.11.1 [Jun 3rd, 2020]: | |
158 | --- | |
159 | * Fix missing shodan icon and invalid link in dashboard and hosts list | |
160 | * Upgrade marshmallow, webargs, werkzeug and flask-login dependencies to | |
161 | latest versions in order to make packaging for distros easier | |
162 | ||
163 | 3.11 [Apr 22nd, 2020]: | |
164 | --- | |
165 | * Move GTK client to [another repository](https://github.com/infobyte/faraday-client) to improve release times. | |
166 | * Fix formula injection vulnerability when exporting vulnerability data to CSV. This was considered a low impact vulnerability. | |
167 | * Remove "--ssl" parameter. Read SSL information from the config file. | |
168 | * Add OpenAPI autogenerated documentation support | |
169 | * Show agent information in command history | |
170 | * Add bulk delete endpoint for hosts API | |
171 | * Add column with information to track agent execution data | |
172 | * Add tool attribute to vulnerability to avoid incorrectly showing "Web UI" as creator tool | |
173 | * Add sorting by target in credentials view | |
174 | * Add creator information when uploading reports or using de bulk create api | |
175 | * Add feature to disable rules in the searcher | |
176 | * Add API endpoint to export Faraday data to Metasploit XML format | |
177 | * Change websocket url route from / to /websockets | |
178 | * Use run date instead of creation date when plugins report specifies it | |
179 | * Improve knowledge base UX | |
180 | * Improve workspace table and status report table UX. | |
181 | * Improve format of exported CSV to include more fields | |
182 | * Sort results in count API endpoint | |
183 | * Limit description width in knowledge base | |
184 | * Change log date format to ISO 8601 | |
185 | * Fix parsing server port config in server.ini | |
186 | * Fix bug when \_rev was send to the hosts API | |
187 | * Send JSON response when you get a 500 or 404 error | |
188 | * Fix bug parsing invalid data in NullToBlankString | |
189 | ||
190 | Changes in plugins (only available through Web UI, not in GTK client yet): | |
191 | ||
192 | New plugins: | |
193 | ||
194 | * Checkmarx | |
195 | * Faraday\_csv (output of exported Faraday csv) | |
196 | * Qualyswebapp | |
197 | * Whitesource | |
198 | ||
199 | Updated plugins: | |
200 | ||
201 | * Acunetix | |
202 | * AppScan | |
203 | * Arachni | |
204 | * Nessus | |
205 | * Netspaker | |
206 | * Netspaker cloud | |
207 | * Nexpose | |
208 | * Openvas | |
209 | * QualysGuard | |
210 | * Retina | |
211 | * W3af | |
212 | * WPScan | |
213 | * Webinspect | |
214 | * Zap | |
215 | ||
216 | 3.10.2 [Jan 30th, 2020]: | |
217 | --- | |
218 | * Fix Cross-Site Request Forgery (CSRF) vulnerability in all JSON API endpoints. | |
219 | This was caused because a third-party library doesn't implement proper | |
220 | Content-Type header validation. To mitigate the vulnerability, we set the | |
221 | session cookie to have the `SameSite: Lax` property. | |
222 | * Fix Faraday Server logs were always in debug | |
223 | * Add update date column when exporting vulnerabilities to CSV | |
224 | * Fix unicode error when exporting vulnerabilities to CSV | |
225 | ||
226 | 3.10.1 [Jan 10th, 2020]: | |
227 | --- | |
228 | * Fix installation with `pip install --no-binary :all: faradaysec` | |
229 | * Force usage of webargs 5 (webargs 6 broke backwards compatibility) | |
230 | * Use latest version of faraday-plugins | |
231 | * Fix broken "Faraday Plugin" menu entry in the GTK client | |
232 | * Extract export csv to reuse for reports | |
233 | ||
234 | 3.10 [Dec 19th, 2019]: | |
235 | --- | |
236 | * Use Python 3 instead of Python 2 in the Faraday Server | |
237 | * Add ability to manage agents with multiple executors | |
238 | * Agents can be run with custom arguments | |
239 | * Improved processing of uploaded reports. Now it is much faster! | |
240 | * Add custom fields of type `choice` | |
241 | * Fix vuln status transition in bulk create API (mark closed vulns as re-opened when they are triggered again) | |
242 | * Fix bug when using non-existent workspaces in Faraday GTK Client | |
243 | * Set service name as required in the Web UI | |
244 | * Validate the start date of a workspace is not greater than the end date | |
245 | * Fix command API when year is invalid | |
246 | * When SSL misconfigurations cause websockets to fails it doesn't block server from starting | |
247 | * Check for invalid service port number in the Web UI | |
248 | * Fix dashboard tooltips for vulnerability | |
249 | * Fix bug when GTK client lost connection to the server | |
250 | * Fix style issues in "Hosts by Service" modal of the dashboard | |
251 | * Add API for bulk delete of vulnerabilities | |
252 | * Add missing vuln attributes to exported CSV | |
253 | * `faraday-manage support` now displays the Operating System version | |
254 | * Notify when `faraday-manage` can't run becasue of PostgreSQL HBA config error | |
255 | ||
256 | 3.9.3 [Nov 12th, 2019]: | |
257 | --- | |
258 | * Fix unicode error when exporting vulns to CSV | |
259 | * Add vuln attributes to CSV | |
260 | * Fix hostname parsing and add external ID to Qualys plugin | |
261 | ||
262 | 3.9 [Oct 3th, 2019]: | |
263 | --- | |
264 | * Add agents feature for distributed plugin execution | |
265 | * Add an API endpoint to to perform a bulk create of many objects (hosts, | |
266 | services, vulns, commands and credentials). This is used to avoid doing a lot | |
267 | of API requests to upload data. Now one request should be enough | |
268 | * Major style and color changes to the Web UI | |
269 | * Add API token authentication method | |
270 | * Use server side stored sessions to properly invalidate cookies of logged out users | |
271 | * Add "New" button to create credentials without host or service assigned yet | |
272 | * Allow filtering hosts by its service's ports in the Web UI | |
273 | * Performance improvements in vulnerabilities and vulnerability templates API (they | |
274 | were doing a lot of SQL queries because of a programming bug) | |
275 | * Require being in the faraday-manage group when running faraday from a .deb or .rpm package | |
276 | * Change the first page shown after the user logs in. Now it displays a workspace | |
277 | selection dialog | |
278 | * Add API endpoint to import Vuln Templates from a CSV file | |
279 | * Create the exported CSV of the status report in the backend instead of in the | |
280 | problem, which was much slower | |
281 | * Add API endpoint to import hosts from a CSV file | |
282 | * Add `faraday-manage rename-user` command to change a user's username | |
283 | * Allow resizing columns in Vulnerability Templates view | |
284 | * Avoid copying technical details when a vuln template is generated from the status report | |
285 | * Use exact matches when searching vulns by target | |
286 | * Add API endpoint to get which tools impacted in a host | |
287 | * Add pagination to activity feed | |
288 | * Add ordering for date and creator to vuln templates view | |
289 | * Modify tabs in vuln template, add Details tab | |
290 | * Add copy IP to clipboard button in hosts view | |
291 | * Add creator and create date columns to vuln template view | |
292 | * When a plugin creates a host with its IP set to a domain name, | |
293 | resolve the IP address of that domain | |
294 | * Add support for logging in RFC5254 format | |
295 | * Add active filter in workspaces view. Only show active workspaces | |
296 | in other parts of the Web UI | |
297 | * Enforce end date to be greater than start date in workspaces API | |
298 | * Fix bug in `faraday-manage create-tables` that incorrectly marked schema | |
299 | migrations as applied | |
300 | * Fix bug in many plugins that loaded hostnames incorrectly (one hostname per chararcter) | |
301 | * Improve references parsing in OpenVAS plugin | |
302 | * Fix a bug in Nessus plugin when parsing reports without host\_start | |
303 | * Fix bug hostname search is now working in status-report | |
304 | * Fix showing of services with large names in the Web UI | |
305 | * Fix broken select all hosts checkbox | |
306 | * Fix bug viewing an attachment/evidence when its filename contained whitespaces | |
307 | * Fix "Are you sure you want to quit Faraday?" dialog showing twice in GTK | |
308 | ||
309 | 3.8.1 [Jun 19th, 2019]: | |
310 | --- | |
311 | * Add configurations for websocket ssl | |
312 | ||
313 | 3.8 [Jun 4th, 2019]: | |
314 | --- | |
315 | * Refactor the project to use absolute imports to make the installation easier | |
316 | (with a setup.py file). This also was a first step to make our codebase | |
317 | compatible with python 3. | |
318 | * Change the commands used to run faraday. `./faraday-server.py`, | |
319 | `./manage.py`, `./faraday.py` and `bin/flugin` are replaced for `faraday-server`, `faraday-manage`, | |
320 | `faraday-client` and `fplugin` respectively | |
321 | * Changed suggested installation method. Now we provide binary executables with all python dependencies | |
322 | embedded into them | |
323 | * Add admin panel to the Web UI to manage custom fields | |
324 | * Fix slow host list when creating vulns in a workspace with many hosts | |
325 | * Usability improvements in status report: change the way vulns are selected and confirmed | |
326 | * Improve workspace workspace creation from the Web UI | |
327 | * Fix attachment api when file was not found in .faraday/storage | |
328 | * Fix visualization of the fields Policy Violations and References. | |
329 | * Add a setting in server.ini to display the Vulnerability Cost widget of the Dashboard | |
330 | * Fix status report resize when the browser console closes. | |
331 | * Fix severity dropdown when creating vulnerability templates | |
332 | * Update OS icons in the Web UI. | |
333 | * Fix bug when using custom fields, we must use the field\_name instead of the display\_name | |
334 | * Prevent creation of custom fields with the same name | |
335 | * Add custom fields to vuln templates. | |
336 | * Fix user's menu visibily when vuln detail is open | |
337 | * Remove "show all" option in the status report pagination | |
338 | * The activity feed widget of the dashboard now displays the hostname of the | |
339 | machine that runned each command | |
340 | * Add loading spinner in hosts report. | |
341 | * Fix "invalid dsn" bug in sql-shell | |
342 | * Fix hostnames bug in Nikto and Core Impact plugins | |
343 | * Change Openvas plugin: Low and Debug threats are not taken as vulnerabilities. | |
344 | * Add fplugin command to close vulns created after a certain time | |
345 | * Add list-plugins command to faraday-manage to see all available plugins | |
346 | * Fix a logging error in PluginBase class | |
347 | * Fix an error when using NexposePlugin from command line. | |
348 | * Add CSV parser to Dnsmap Plugin | |
349 | * Fix bug when creating web vulnerabilities in dirb plugin | |
350 | * Change Nexpose Severity Mappings. | |
351 | ||
352 | 3.7.3 [May 3rd, 2019]: | |
353 | --- | |
354 | * Add parser for connection string at PGCli connection | |
355 | * Fix bug when using custom fields, we must use the field_name instead of the display_name | |
356 | * Fix user's menu visibily when vuln detail is open. | |
357 | * Fix bug in status report that incorrectly showed standard vulns like if they were vulnwebs | |
358 | ||
359 | 3.7: | |
360 | --- | |
361 | * Add vulnerability preview to status report | |
362 | * Update Fierce Plugin. Import can be done from GTK console. | |
363 | * Update Goohost plugin and now Faraday imports Goohost .txt report. | |
364 | * Update plugin for support WPScan v-3.4.5 | |
365 | * Update Qualysguard plugin to its 8.17.1.0.2 version | |
366 | * Update custom fields with Searcher | |
367 | * Update Recon-ng Plugin so that it accepts XML reports | |
368 | * Add postres version to status-change command | |
369 | * Couchdb configuration section will not be added anymore | |
370 | * Add unit test for config/default.xml | |
371 | ||
372 | 3.6 [Feb 21th, 2019]: | |
373 | --- | |
374 | * Fix CSRF (Cross-Site Request Forgery) vulnerability in vulnerability attachments API. | |
375 | This allowed an attacker to upload evidence to vulns. He/she required to know the | |
376 | desired workspace name and vulnerability id so it complicated the things a bit. We | |
377 | classified this vuln as a low impact one. | |
378 | * Readonly and disabled workspaces | |
379 | * Add fields 'impact', 'easeofresolution' and 'policyviolations' to vulnerability_template | |
380 | * Add pagination in 'Command history', 'Last Vulnerabilities', 'Activity logs' into dashboard | |
381 | * Add status_code field to web vulnerability | |
382 | * Preserve selection after bulk edition of vulnerabilities in the Web UI | |
383 | * Faraday's database will be created using UTF-8 encoding | |
384 | * Fix bug of "select a different workspace" from an empty list loop. | |
385 | * Fix bug when creating duplicate custom fields | |
386 | * Fix bug when loading in server.ini with extra configs | |
387 | * Fix `./manage.py command`. It wasn't working since the last schema migration | |
388 | * `./manage.py createsuperuser` command renamed to `./manage.py create-superuser` | |
389 | * Fix bug when non-numeric vulnerability IDs were passed to the attachments API | |
390 | * Fix logic in search exploits | |
391 | * Add ability to 'Searcher' to execute rules in loop with dynamic variables | |
392 | * Send searcher alert with custom mail | |
393 | * Add gitlab-ci.yml file to execute test and pylint on gitlab runner | |
394 | * Fix 500 error when updating services and vulns with specific read-only parameters set | |
395 | * Fix SQLMap plugin to support newer versions of the tool | |
396 | * Improve service's parser for Lynis plugin | |
397 | * Fix bug when parsing URLs in Acunetix reports | |
398 | * Fix and update NetSparker Plugin | |
399 | * Fix bug in nessus plugin. It was trying to create a host without IP. Enabled logs on the server for plugin processing (use --debug) | |
400 | * Fix bug when parsing hostnames in Nessus reports | |
401 | * Fix SSLyze report automatic detection, so reports can be imported from the web ui | |
402 | * Update Dnsmap Plugin | |
403 | ||
404 | 3.5 [Jan 16th, 2019]: | |
405 | --- | |
406 | * Redesgin of new/edit vulnerability forms | |
407 | * Add new custom fields feature to vulnerabilities | |
408 | * Add ./manage.py migrate to perform alembic migrations | |
409 | * Faraday will use webargs==4.4.1 because webargs==5.0.0 fails with Python2 | |
410 | * New system for online plugins using Threads, a few fixes for metasploit plugin online also. | |
411 | * Fix Command "python manage.py process-reports" now stops once all reports have been processed | |
412 | * Fix bug in query when it checks if a vulnerability or a workspace exists | |
413 | * Fix Once a workspace is created through the web UI, a folder with its name is created inside ~/.faraday/report/ | |
414 | * The manage.py now has a new support funtionality that creates a .zip file with all the information faraday's support team will need to throubleshoot your issue | |
415 | * Status-check checks PostgreSQL encoding | |
416 | * Fix a bug when fail importation of reports, command duration say "In Progress" forever. | |
417 | * Fix confirmed bug in vulns API | |
418 | * Update websockets code to use latest lib version | |
419 | * bootstrap updated to v3.4.0 | |
420 | * Manage.py support now throws a message once it finishes the process. | |
421 | * Update Lynis to its version 2.7.1 | |
422 | * Updated arp-scan plugin, added support in the Host class for mac address which was deprecated before v3.0 | |
423 | * OpenVAS Plugin now supports OpenVAS v-9.0.3 | |
424 | ||
425 | 3.4 [December 6th, 2018]: | |
426 | --- | |
427 | * In GTK, check active_workspace its not null | |
428 | * Add fbruteforce services fplugin | |
429 | * Attachments can be added to a vulnerability through the API. | |
430 | * Catch gaierror error on lynis plugin | |
431 | * Add OR and NOT with parenthesis support on status report search | |
432 | * Info API now is public | |
433 | * Web UI now detects Appscan plugin | |
434 | * Improve performance on the workspace using cusotm query | |
435 | * Workspaces can be set as active/disable in welcome page. | |
436 | * Change Nmap plugin, response field in VulnWeb now goes to Data field. | |
437 | * Update code to support latest SQLAlchemy version | |
438 | * Fix `create_vuln` fplugin bug that incorrectly reported duplicated vulns | |
439 | * Attachments on a vulnerability can be deleted through the API. | |
440 | * Improvement in the coverage of the tests. | |
441 | ||
442 | 3.3 [Novemeber 14th, 2018]: | |
443 | --- | |
444 | * Add workspace disable feature | |
445 | * Add mac vendor to host and services | |
446 | * Fix typos and add sorting in workspace name (workspace list view) | |
447 | * Improve warning when you try to select hosts instead of services as targets of a Vulnerability Web | |
448 | * Deleted old Nexpose plugin. Now Faraday uses Nexpose-Full. | |
449 | * Update sqlmap plugin | |
450 | * Add updated zap plugin | |
451 | * Add hostnames to nessus plugin | |
452 | * Python interpreter in SSLCheck plugin is not hardcoded anymore. | |
453 | * Fix importer key error when some data from couchdb didn't contain the "type" key | |
454 | * Fix AttributeError when importing vulns without exploitation from CouchDB | |
455 | * Fix KeyError in importer.py. This issue occurred during the import of Vulnerability Templates | |
456 | * Fix error when file config.xml doesn't exist as the moment of executing initdb | |
457 | * Improve invalid credentials warning by indicating the user to run Faraday GTK with --login option | |
458 | * Fix typos in VulnDB and add two new vulnerabilities (Default Credentials, Privilege Escalation) | |
459 | * Improved tests performance with new versions of the Faker library | |
460 | * `abort()` calls were checked and changed to `flask.abort()` | |
461 | ||
462 | 3.2 [October 17th, 2018]: | |
463 | --- | |
464 | * Added logical operator AND to status report search | |
465 | * Restkit dependency removed. | |
466 | * Improvement on manage.py change-password | |
467 | * Add feature to show only unconfirmed vulns. | |
468 | * Add ssl information to manage.py status-check | |
469 | * Update wpscan plugin to support latest version. | |
470 | * Allow workspace names starting with numbers. | |
471 | ||
472 | September 21, 2018: | |
473 | --- | |
474 | * Fix bug: manage.py status_check | |
475 | * Fix bug: manage.py initdb | |
476 | ||
477 | September 17, 2018: | |
478 | --- | |
479 | * Fix get exploits API | |
480 | * New searcher feature | |
481 | * Added host_os column to status report | |
482 | * Fix and error while trying to execute server with --start | |
483 | * Added option --choose-password to initdb | |
484 | * Continous scan updated for Nessus 7 | |
485 | * Refactor on server.config to remove globals | |
486 | * Added a directory for custom templates for executive reports (pro and corp) | |
487 | * Activity feed shows more results and allows to filter empty results | |
488 | * Allow ot create workspace that start with numbers | |
489 | * Added more variables to executive reports (pro and corp) | |
490 | * Fixed some value checking on tasks api (date field) | |
491 | * OpenVas plugin updated | |
492 | * Appscan plugin update | |
493 | * Added no confirmed vulns to report api | |
494 | * Fixed a bug on workspace API when the workspace already exists on database | |
495 | * Fix owner filter on status report | |
496 | * Fixes on import_csv fplugin when the api returned 409 | |
497 | * Fixes on status_check | |
498 | * Fixed a bug on webui when workspace permission was changed (pro and corp) | |
499 | * Update nexpose plugin | |
500 | * uigrid library updated to latest version | |
501 | * Bug fix on plugin automatic detection | |
502 | * Fixed a bug on executive reports when multiple reports were scheduled | |
503 | * Avoid closing the executive report and new vuln modal when the form has data | |
504 | * Status report open new tab for evidence | |
505 | * added change_password to manage.py | |
506 | * Update wapiti plugin | |
507 | * Fixed vuln count on executive report (pro and corp) | |
508 | * Fixed css align in some tables | |
509 | * Fixed No ports available error on the client | |
510 | ||
511 | August 17, 2018: | |
512 | --- | |
513 | * Updated code to use Flask 1.0 | |
514 | * Add threadfix integration (corp only) | |
515 | * Fix create_service fplugin | |
516 | * Executive report bug fix on tags | |
517 | * Persistence server bug fix on impact and ease of resolution | |
518 | * Fix unicode error bug on executive reports | |
519 | * Updated code to support latest Twisted version | |
520 | * Updated all requirements to use >= | |
521 | * Fix dry run on create_host fplugin | |
522 | * Fixed del_all_vulns_with and del_all_hosts | |
523 | * Improved executive reports status update refresh | |
524 | * Websocket port is configurable now | |
525 | * Change minimum font size in tag cloud | |
526 | * Fixed a problem with shodan icon on dashboard | |
527 | * Updated license check on deleted users | |
528 | * Users with role client was not able to change password, bug fixed | |
529 | * Updated code to support pip 10 | |
530 | * Added ldap to status check | |
531 | * Credentials icon aligned | |
532 | * Deamon now allows to execute faraday sever in more than one port and more than one process for multiplexation | |
533 | * All views now check for permissions on workspace | |
534 | * Pull requests #229, #231, #239 and #240 are merged | |
535 | * Avoid polling deleted executive reports | |
536 | * Added documentation to project | |
537 | * Fix self xss on webshell | |
538 | * Add postgres locks check on status_check | |
539 | * Vuln counter fix when confirmed is on | |
540 | ||
541 | July 26, 2018: | |
542 | --- | |
543 | * Interface removed from model and from persistence server lib (fplugin) | |
544 | * Performance iprovements on the backend | |
545 | * Add quick change workspace name (from all views) | |
546 | * Changed the scope field of a workspace from a free text input to a list of targets | |
547 | * New faraday styles in all webui views | |
548 | * Add search by id for vulnerabilities | |
549 | * Add new plugin sslyze | |
550 | * Add new plugin wfuzz | |
551 | * Add xsssniper plugin | |
552 | * Fix W3af, Zap plugins | |
553 | * Add brutexss plugin | |
554 | * Allow to upload report file from external tools from the web | |
555 | * Fix sshcheck import file from GTK | |
556 | * Add reconng plugin | |
557 | * Add sublist3r plugin | |
558 | * Add HP Webinspect plugin | |
559 | * Add dirsearch plugin | |
560 | * Add ip360 plugin | |
561 | * CouchDB was replaced by PostgreSQL :) | |
562 | * Host object changed, now the name property is called ip | |
563 | * Interface object was removed | |
564 | * Note object was removed and replaced with Comment | |
565 | * Communication object was removed and replaced with Comment | |
566 | * Show credentials count in summarized report on the dashboard | |
567 | * Remove vuln template CWE fields, join it with references | |
568 | * Allow to search hosts by hostname, os and service name | |
569 | * Allow the user to specify the desired fields of the host list table | |
570 | * Add optional hostnames, services, MAC and description fields to the host list | |
571 | * Workspace names can be changed from the Web UI | |
572 | * Exploitation and severity fields only allow certain values. CWE CVEs were fixed to be valid. A script to convert custom CSVs was added. | |
573 | * Web UI path changed from /_ui/ to / (_ui has now a redirection to / for keeping backwards compatibility) | |
574 | * dirb plugin creates an informational vulnerability instead of a note. | |
575 | * Add confirmed column to exported csv from webui | |
576 | * Fixes in Arachni plugin | |
577 | * Add new parameters --keep-old and --keep-new for faraday CLI | |
578 | * Add new screenshot fplugin which takes a screenshot of the ip:ports of a given protocol | |
579 | * Add fix for net sparker regular and cloud fix on severity | |
580 | * Removed Chat feature (data is kept inside notes) | |
581 | * Add CVSS score to reference field in Nessus plugin. | |
582 | * Fix unicode characters bug in Netsparker plugin. | |
583 | * Fix qualys plugin. | |
584 | * Fix bugs with MACOS and GTK. | |
585 | ||
586 | April 10, 2018: | |
587 | --- | |
588 | * Fix bug with tornado version 5.0 and GTK client. | |
589 | ||
590 | November 17, 2017: | |
591 | --- | |
592 | * Fix bug with tags in models. | |
593 | ||
594 | November 5, 2017: | |
595 | --- | |
596 | * Added "Last modified" and "Created" in Hosts view | |
597 | * Fixed bug when trying to run Faraday as second process and closing the terminal (&!) | |
598 | * Fixed bug where it asked for dependencies eternally when you have a different version than the one required | |
599 | * Fixed small bug in the update_from_document method | |
600 | * Fixed bug, makes the python library dependencies specific to the desired version | |
601 | * Fixed GitHub language bar to reflect real code percentage | |
602 | * Merge PR #195: Create gentoo_requirements_extras.txt (New Github wiki page) | |
603 | * Merge PR #225: Add references to found vulnerabilities in nmap plugin | |
604 | * New plugin: Netsparker cloud | |
605 | * New plugin: Lynis (Winner of Faraday Challenge 2017) | |
606 | * New Fplugin: changes the status of all vulnerabilities of an specific workspace to closed | |
607 | * New Fplugin: combines the "create_interface" and "create_host" scripts into one (create_interface_and_host script) | |
608 | * New Fplugin: import_csv , now you can import Faraday objects from a CSV | |
609 | ||
610 | August 11, 2017: | |
611 | --- | |
612 | * Add check to the vuln creation modal for empty targets in the Web UI | |
613 | ||
614 | August 9, 2017: | |
615 | --- | |
616 | No changes | |
617 | ||
618 | August 7, 2017: | |
619 | --- | |
620 | * Updated Core Impact plugin to be compatible with 2016 version | |
621 | * Improved loading of fields request and website in Burp Plugin | |
622 | * Improved Nexpose Full plugin | |
623 | * Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions | |
624 | ||
625 | July 19, 2017: | |
626 | --- | |
627 | * Added the ability to select more than one target when creating a vuln in the Web UI | |
628 | * Merged PR #182 - problems with zonatransfer.me | |
629 | * Fixed bug in Download CSV of Status report with old versions of Firefox. | |
630 | * Fixed formula injection vulnerability in export to CSV feature | |
631 | * Fixed DOM-based XSS in the Top Services widget of the dashboard | |
632 | * Fix in AppScan plugin. | |
633 | * Fix HTML injection in Vulnerability template. | |
634 | * Add new plugin: Junit XML | |
635 | * Improved pagination in new vuln modal of status report | |
636 | * Added "Policy Violations" field for Vulnerabilities | |
637 | ||
638 | May 24, 2017: | |
639 | --- | |
640 | * Fixed bug when editing workspaces created in GTK | |
641 | * Improved host search in the WEB UI | |
642 | * Extended the config to support different searching engines in the WEB UI | |
643 | * Check that client and server versions match when connecting | |
644 | * Adds the 'v' and 'version' argument for both the server and the client | |
645 | * Fixed "refresh" button in the Web UI | |
646 | * Fix API on /ws/<workspace> with duration object None | |
647 | * Added a CRUD for Credentials to the Web UI | |
648 | * Bug fixes on the Burp Online Plugin | |
649 | * Added a script to connect with Reposify | |
650 | * Fixed Hostname import in Nessus Plugin | |
651 | * Make plugin methods log() and devlog() work again | |
652 | * Fixed bug in SQLMap plugin that made the client freeze | |
653 | * Improved SQLMap plugin to support more options and to show errors in GTK log console | |
654 | * Fixed bug when creating/updating Credentials | |
655 | * Improve plugins usage of vulnweb URL fields | |
656 | * Fixed order of Report Plugins in the GTK import list | |
657 | ||
658 | March 17, 2017: | |
659 | --- | |
660 | * Added link to name column in Hosts list | |
661 | * Created a requirements_extras.txt file to handle optional packages for specific features | |
662 | * Fixed bug in SQLMap plugin that made the client freeze | |
663 | * Fixed bug when creating/updating Credentials | |
664 | * Fixed bug in the WEB UI - menu explanation bubbles were hidden behind inputs | |
665 | * Fixed conflict resolution when the object was deleted from another client before resolving the conflict | |
666 | * Improved fplugin | |
667 | * Improved the installation process | |
668 | * Improved SQLMap plugin to support --tables and --columns options | |
669 | * Improved navigation in Web UI | |
670 | * Merged PR #137 - CScan improvements: bug fixing, change plugin format and removed unnecessary file output | |
671 | * Merged PR #173 - Hostnames: added hostnames to plugins | |
672 | * Merged PR #105 - OSint: added the possibility of using a DB other than Shodan | |
673 | * The Status Report now remembers the sorting column and order | |
674 | ||
675 | February 8, 2017: | |
676 | --- | |
677 | * Fixed max amount of vulns pagination bug in Web UI | |
678 | * Fixed Maltego plugin | |
679 | ||
680 | January 30, 2017: | |
681 | --- | |
682 | * Added an activity feed panel in the Dashboard. | |
683 | * Added AppScan plugin. | |
684 | * Improved Burp's Online plugin. Added fields and removed HTML tags. | |
685 | * Refactor remaining modules to be compatible with JS Strict Mode. | |
686 | * Fixed bug that prevented GTK from closing when user clicked CANCEL on WS creation. | |
687 | * Fixed size of Workspace creation dialog. | |
688 | * New cwe databases: English and Spanish. | |
689 | * Added Hping plugin. | |
690 | * Enhancements to Wpscan plugin. | |
691 | ||
692 | November 10, 2016: | |
693 | --- | |
694 | * New library to connect with Faraday Server. | |
695 | * Fixed Fplugin, now it uses the new library to communicate with the Server. | |
696 | * New field for Vulnerabilities: plugin creator and status. | |
697 | * Refactor in Faraday Core and GTK Client. | |
698 | * Bug fixing in Faraday Client and Server. | |
699 | * Added Faraday news notifications in GTK and Web UI. | |
700 | * New plugins: Dirb, Netdiscover, FruityWifi, Sentinel. | |
701 | * Improvements on the WPscan plugin. | |
702 | * Fixed Licenses search. | |
703 | * Refactor Licenses module to be compatible with JS Strict Mode. | |
704 | ||
705 | September 19, 2016: | |
706 | --- | |
707 | * Major refactor of Faraday Client: now we support massive workspaces (100.000+ hosts). | |
708 | * Fixed more than 10 minor bugs on the Web UI. | |
709 | * Fixed searching with spaces character on Web UI | |
710 | * Updated URL shown when starting Faraday. | |
711 | * Dashboard is now refreshed automatically every 60 seconds. | |
712 | * Fixed Propecia plugin. | |
713 | * New plugin: WPscan | |
714 | * Host Sidebar on GTK now adds information more intelligently and will never block the application. | |
715 | * Evidence screenshots in report generation is now bigger. | |
716 | * Help menu in GTK with links to interesting links. | |
717 | * Added Help section to WEB UI. | |
718 | ||
719 | August 12, 2016: | |
720 | --- | |
721 | * Added Faraday Server | |
722 | * Improved performance in web UI | |
723 | * Added some basic APIs to Faraday Server | |
724 | * Added licenses management section in web UI | |
725 | * Totally removed QT3, GTK is now the only GUI | |
726 | * Deprecated FileSystem databses: now Faraday works exclusively with Faraday Server and CouchDB | |
727 | * Added a button to go to the Faraday Web directly from GTK | |
728 | * Fixed bug when deleting objects from Faraday Web | |
729 | * Fixed bug where icons where not copied to correct folder on initialization | |
730 | * Fixed bug where current workspace wouldn't correspond to selected workspace on the sidebar on GTK | |
731 | * Fixed bug in 'Refresh Workspace' button on GTK | |
732 | * Fixed bug where Host Sidebar and Statusbar information wasn't correctly updated on GTK | |
733 | * Fixed bug in service editing | |
734 | * Fixed sqlmap plugin | |
735 | * Fixed metapsloit plugin | |
736 | ||
737 | Jul 1, 2016: | |
738 | --- | |
739 | * GTK is the default interface now. | |
740 | * Added new plugin : Ndiff. | |
741 | * Added new plugin : Netcat (Gnu netcat - OpenBSD netcat - Original netcat) | |
742 | * Added button to edit your host in the GTK interface. | |
743 | * Hosts sidebar now can be sorted by amout of vulnerabilities and OS. | |
744 | * Changes in installation: install.sh now installs only GTK, QT is considered deprecated. | |
745 | * Changes in installation: Faraday now runs with the last versions of Python modules. | |
746 | * Changes in installation: fixed names of packages in setup_server.sh | |
747 | * Usability: Enter key in GTK dialogs works as OK button | |
748 | * Improved handling of lost connection to CouchDB database | |
749 | * First steps towards deprecating Filesystem databases | |
750 | * Fixed a bug when workspace was changed | |
751 | * Fixed a bug with Import Reports Dialog in GTK GUI on OS X. | |
752 | * Fixed a bug with Ctrl+Shift+C and Ctrl+Shift+V in some desktops managers. | |
753 | * Fixed a bug with mapper of vulnerabilities. | |
754 | ||
755 | Jun 13, 2016: | |
756 | --- | |
757 | * Added Import Report dialog to Faraday GTK | |
758 | * Added a 'Loading workspace...' dialog to Faraday GTK | |
759 | * Added host sidebar to Faraday GTK | |
760 | * Added host information dialog to Faraday GTK with the full data about a host, its interfaces, services and vulnerabilities | |
761 | * Added support for run faraday from other directories. | |
762 | * Fixed log reapparing after being disabled if user created a new tab | |
763 | * Fixed bug regarding exception handling in Faraday GTK | |
764 | * Now Faraday GTK supports Ctrl+Shift+C / Ctrl+Shift+V to Copy/Paste | |
765 | * Faraday will now not crash if you suddenly lose connection to your CouchDB | |
766 | ||
767 | May 23, 2016: | |
768 | --- | |
769 | * Removed description from Hosts list in WEB UI | |
770 | * Fixed sort in Hosts list in WEB UI | |
771 | * Fixed ports sorting in Host view in WEB UI | |
772 | * Added search link for OS in Hosts list in WEB UI | |
773 | * Removed description from Services list in WEB UI | |
774 | * Added version to Services list in WEB UI | |
775 | * Modified false values in Hosts list in WEB UI | |
776 | * Added search links in Services list in WEB UI | |
777 | * Added scrollbar in Gtk Terminal. | |
778 | * Added workspace status in Gtk interface | |
779 | * Added conflict resolution support for the Gtk interface | |
780 | * Added search entry for workspaces in Gtk | |
781 | * Added support for 'exit' command inside Faraday's Gtk terminal | |
782 | * Improved handling of uncaught exceptions in Gtk interface | |
783 | * Improved text formatting in Gtk's log console | |
784 | * Fixed several small bugs in Faraday GTK | |
785 | * Added support for resize workspace bar. | |
786 | * Added a quote for imported reports in WEB UI. | |
787 | * Added support for a new type of report in Qualysguard plugin. | |
788 | * Fixed bugs in plugins: Acunetix - Nmap - Nikto. | |
789 | ||
790 | Apr 29, 2016: | |
791 | --- | |
792 | * Added Open services count to Hosts list in WEB UI | |
793 | * Improved zsh integration | |
794 | * Added GTK3 interface prototype | |
795 | * Added plugin detection through report name | |
796 | * Fixed an error in wcscan script | |
797 | * Fixed nikto plugin | |
798 | * Fixed openvas plugin | |
799 | ||
800 | Apr 04, 2016 | |
801 | --- | |
802 | * Added cli mode (see wiki for usage instructions) | |
803 | * Support for multiple Faraday instances in the same host | |
804 | * Fixed bug for editing web vulns in bulk | |
805 | * Fixed bug for select all in web UI | |
806 | * Fixed bugs in Qualys, ZAP, nikto, w3af, openVas plugins | |
807 | * Added some new scripts and helpers | |
808 | ||
809 | ||
810 | Feb 26, 2016: | |
811 | --- | |
812 | * Fixed bug in pip debian | |
813 | * BugFix pip install. | |
814 | * Checks additionals about dependencies in installation. | |
815 | * Warning about a upgrade to experimental in debian installation. | |
816 | * Fixed small bug in CSV importing | |
817 | * Fixed styles for Status Report | |
818 | * Fixed bug on Status Report filter after editing | |
819 | * Added support for Kali Rolling Edition | |
820 | * Notify user when the current Workspace doesn't exist | |
821 | * Show all evidence files in Status Report | |
822 | * Added script to remove all vulns with a specific severity value (parameterized) | |
823 | * Fixed Arachni Plugin bugs | |
824 | * Added new version for Maltego Plugin | |
825 | * Added support for Mint 17 | |
826 | ||
827 | Dec 18, 2015: | |
828 | --- | |
829 | * Immunity Canvas plugin added | |
830 | * Added Dig plugin | |
831 | * Added Traceroute plugin | |
832 | * Fixed bug in first run of Faraday with log path and API errors | |
833 | * Added parametrization for port configuration on APIs | |
834 | * Refactor Plugin Base to update active WS name in var | |
835 | * Refactor Plugins to use current WS in temp filename under $HOME/.faraday/data. Affected Plugins: | |
836 | - amap | |
837 | - dnsmap | |
838 | - nmap | |
839 | - sslcheck | |
840 | - wcscan | |
841 | - webfuzzer | |
842 | - nikto | |
843 | * Fixed bug get_installed_distributions from handler exceptions | |
844 | * Added Wiki information about running Faraday without configuring CouchDB | |
845 | * Fixed Unicode bug in Nexpose-full Plugin | |
846 | * Filter false-positives in Status Report | |
847 | * Fixed bug that prevented the use of "reports" and "cwe" strings in Workspace names | |
848 | * Added port to Service type target in new vuln modal | |
849 | * Added new scripts for faraday plugin: | |
850 | - /bin/delAllVulnsWith.py - delete all vulns that match a regex | |
851 | - /bin/getAllbySrv.py - get all IP addresses that have defined open port | |
852 | - /bin/getAllIpsNotServices.py added - get all IPs from targets without services | |
853 | * Fixed bug null last workspace | |
854 | * Fixed bugs in CSV export/import in QT | |
855 | ||
856 | Oct 2, 2015: | |
857 | --- | |
858 | * Continuous Scanning Tool cscan added to ./scripts/cscan | |
859 | * Fix for saving objects without parent | |
860 | * Hosts and Services views now have pagination and search | |
861 | * Updates version number on Faraday Start | |
862 | * Visual fixes on Firefox | |
863 | * Migrate graphs from D3.js to Chart.js | |
864 | * Added Services columns to Status Report | |
865 | * Added sections of Commercial versions | |
866 | * Converted references to links in Status Report. Support for CVE, CWE, Exploit Database and Open Source Vulnerability Database | |
867 | * Added Peepingtom, SSHdefaultscan and pasteAnalyzer plugins | |
868 | * Fixed Debian install | |
869 | ||
870 | Sep 10, 2015: | |
871 | --- | |
872 | * Adding filename path information of report imported in history command | |
873 | * Remove old couchdb upgrade process | |
874 | * Adding Iceweasel browser > 38.2.0 support | |
875 | * Adding more navigability in differents GUI Web (Dashboard/Services/Views) | |
876 | * Fixed bug copy clipboard offline (update path of ngClip dependeces) | |
877 | * Added class to set colors to severities in new/edit vuln view | |
878 | * Medusa, Hydra & Metasploit plug-in now added discovered weak credentials as a vulnerability | |
879 | * Nmap plug-in applyies a severity depending on the result of a NSE script | |
880 | * Fixed small bug for empty ease of resolution | |
881 | * Adding more time to generation shells QT | |
882 | * Added "Search in Shodan" links in different views (Status Report, Host View, Service View) | |
883 | * Removed required of name field service bulk edition | |
884 | * Added ng-disabled on Edit button if select more of 1 host on Host View WEB UI | |
885 | * Refactored GUI Web: | |
886 | Icon added for Modal Error | |
887 | OS, Creator, Date for modal-services-by-host.html | |
888 | Fixed typo in Host Edit, the popup message was wrong | |
889 | First version for in estilos.css for clear mode | |
890 | Also, added hover to grey boxes in the Dashboard. | |
891 | * Added vulns count for Hosts in WEB UI | |
892 | * Updated w3af plugin to support report version 1.7.6 | |
893 | * Ignored cwe database from updater and QT views | |
894 | * Plugin for Nexpose XML Export 2.0 | |
895 | * Added masscan plugin (1.0.3) | |
896 | ||
897 | Aug 19, 2015: | |
898 | --- | |
899 | * Exported CSV contains filters and columns from Status Report in WEB UI | |
900 | * Vulnerability counter on Status Report in WEB UI | |
901 | * Added quick vuln edit and delete in WEB UI | |
902 | * Expanded Unit Tests for WEB UI | |
903 | * XML Cleaner | |
904 | * Kali 2.0 support | |
905 | * Improve plugins running status log (Adding log information on report importing) | |
906 | * Clean dev log on plugins | |
907 | * w3af plugin refactoring | |
908 | * Fix Debian 7/8.1 install support | |
909 | ||
910 | Aug 05, 2015: | |
911 | --- | |
912 | ||
913 | * Added CWE database and integration with vulns creation | |
914 | * Added ENTER shortcut on modals | |
915 | * Progress bar for workspace in the dashboard | |
916 | * Bug fixing in workspaces and status report components | |
917 | * Unit testing for vulns, status report and workspaces components | |
918 | * Debian 8.1 support | |
919 | ||
920 | ||
921 | Jun 30, 2015: | |
922 | --- | |
923 | ||
924 | * Added hosts CRUD | |
925 | * Added services CRUD | |
926 | * Fix ubuntu 15.04 installation bug | |
927 | * Small bug in burp plugin "Import new vulnerabilities" checkbox issue | |
928 | * Added an interactive visualization to calculate the value of a Workspace | |
929 | * Fixed several bugs in WEB UI | |
930 | * Added a URL filter functionality to the status report, allowing searches by fields | |
931 | ||
932 | ||
933 | Apr 17, 2015: | |
934 | --- | |
935 | * You can get the new version here: | |
936 | * https://github.com/infobyte/faraday/archive/v1.0.10.tar.gz | |
937 | ||
938 | Changes: | |
939 | ||
940 | * Styles changes in WEB UI: fancy component selection, improved workspaces selection. | |
941 | ||
942 | Bugfixes: | |
943 | * Date on Workspace creation | |
944 | * Tables in Firefox | |
945 | ||
946 | ||
947 | Apr 7, 2015: | |
948 | --- | |
949 | You can get the new version here: | |
950 | * https://github.com/infobyte/faraday/archive/v1.0.9.tar.gz | |
951 | ||
952 | Changes: | |
953 | ||
954 | * Performance improvement in the dashboard | |
955 | * Fix bug OSX install | |
956 | * Bug fixes | |
957 | ||
958 | ||
959 | Mar 9, 2015: | |
960 | --- | |
961 | You can get the new version here: | |
962 | ||
963 | * https://github.com/infobyte/faraday/archive/v1.0.8.tar.gz | |
964 | ||
965 | Changes: | |
966 | ||
967 | * WcScan script and plugin (scripts/wcscan.py) | |
968 | * New Dashboard D3 with AngularJS | |
969 | * Easy access to Vulnerability pages in the Status Report | |
970 | * Easy access to the Host pages on the dashboard | |
971 | * Creation and Editing capabilities for the Workspace from the UI Web | |
972 | * Support installation for the latest version of Debian/Ubuntu/Kali | |
973 | * sqlmap version 1.0-dev support updated | |
974 | * API Status Check in both ZSH & QT GUI | |
975 | * Field added for resolution of vulnerabilities classification with plug-ins updated to support the new function. | |
976 | * Field added for rating "ease of resolution" for vulnerabilities | |
977 | * Adjustments for Resolution field | |
978 | ||
979 | * New Faraday plugin for Burp. Version 1.2 | |
980 | -Corrections for the vulnerabilities duplication for the burp plugin | |
981 | -New tab section to configure the new Vulnerabilities downloads for Faraday | |
982 | ||
983 | * Automated backup for couch database | |
984 | * Ability to upload evidence of a vulnerability (as an attachment) | |
985 | * Ability to assign Vulnerability Impact (confidentiality, integrity, availability). | |
986 | ||
987 | Dec 12, 2014: | |
988 | --- | |
989 | You can get the new version here: | |
990 | ||
991 | * https://github.com/infobyte/faraday/archive/v1.0.7.tar.gz | |
992 | ||
993 | Changes: | |
994 | ||
995 | * Improved Vulnerability Edition usability, selecting a vuln will load it's content. | |
996 | * ZSH UI now is showing notifications. | |
997 | * ZSH UI now is showing active workspace. | |
998 | * Faraday now asks confirmation on exit, If you have pending conflicts to solve it will show the number of each. | |
999 | * Vulnerability creation is now suported in the status report. | |
1000 | * Introducing SSLCheck, a tool for verify bugs in SSL/TLS Certificates on remote hosts. This is integrated with Faraday with a plugin. | |
1001 | * Shodan Plugin is now working with the new API. | |
1002 | * Some cosmetic changes in the status report. | |
1003 | ||
1004 | Bugfixes: | |
1005 | ||
1006 | * Sorting collumns in the Status Report now is working. | |
1007 | * Workspace icon is based on the type of the workspace. | |
1008 | * Opening the reports in QT UI now opens the active workspace. | |
1009 | * UI Web dates fixes, we were showing dates with a off-by-one error. | |
1010 | * Vulnerability edition was missing 'critical' severity. | |
1011 | * Objects merge bugfixing | |
1012 | * Metadata recursive save fix | |
1013 | ||
1014 | ||
1015 | ||
1016 | Nov 7, 2014: | |
1017 | --- | |
1018 | You can get the new version here: | |
1019 | ||
1020 | * https://github.com/infobyte/faraday/archive/v1.0.6.tar.gz | |
1021 | ||
1022 | Changes: | |
1023 | ||
1024 | * Status report modifications: | |
1025 | * Web vulnerability edition support. | |
1026 | * Variable columns in status report. | |
1027 | * New field called "Data" with extra information about a vulnerability. | |
1028 | * Bug fixes | |
1029 | ||
1030 | ||
1031 | Oct 17, 2014: | |
1032 | ---- | |
1033 | * https://github.com/infobyte/faraday/commit/a81c6376ed47a2f7b501c8f48f2179eb7c5d58b9 | |
1034 | ||
1035 | Status report now have edition capabilities | |
1036 | Introducing batch vulnerability edition and deletion. Now you can edit your status report. | |
1037 | ||
1038 | Lots of bug fixes | |
1039 | ||
1040 | Ubuntu 14.04 support fixes | |
1041 | Mac support fixes | |
1042 | ||
1043 | ||
1044 | Sep 26, 2014: | |
1045 | ---- | |
1046 | * https://github.com/infobyte/faraday/commit/440858ec8172193ce401bbf6a5f4b3052edb6edb | |
1047 | ||
1048 | New Dashboard design with summarized information. | |
1049 | ||
1050 | D3.js Fancy visualizations. | |
1051 | ||
1052 | Vulnerability Status report. | |
1053 | ||
1054 | Command run user/host identification. | |
1055 | ||
1056 | Vulnerability Statistics. | |
1057 | ||
1058 | Optimization Refactor. | |
1059 | ||
1060 | Jun 06, 2014: | |
1061 | ---- | |
1062 | ||
1063 | * https://github.com/infobyte/faraday/commit/e616bdb44b089bfccf2405e51837eeae5d403b9f | |
1064 | ||
1065 | Notifications: Updating objets on faraday now results in a beautiful | |
1066 | notification in the QT ui. | |
1067 | ||
1068 | Performance: Enhacing performance when lots of workspaces are available. | |
1069 | We now load each workspace whe it's needed instead of loading ahead the | |
1070 | full workspace list. | |
1071 | ||
1072 | UI: Workspace split, now you can select the workspace to visualize. We | |
1073 | are now using bootstrap. | |
1074 | ||
1075 | API: New operations on the Rest API (this is just for the following UI | |
1076 | modifications). Vulnerability update and delete operations. | |
1077 | ||
1078 | May 14, 2014: | |
1079 | ---- | |
1080 | ||
1081 | * https://github.com/infobyte/faraday/commit/9dfa9ad23dfe450ceb65d38074d55f07425aa90a | |
1082 | ||
1083 | Improving (web interface, vulnerability classification) | |
1084 | ||
1085 | Apr 30, 2014: | |
1086 | ---- | |
1087 | ||
1088 | * https://github.com/infobyte/faraday/commit/931865fd4bd9c5fbd1a237b52659b1c873e1fcbf | |
1089 | ||
1090 | MacOS Support | |
1091 | ||
1092 | Apr 04, 2014: | |
1093 | ---- | |
1094 | * https://github.com/infobyte/faraday/commit/0fe6978fe41dc85cd8540c2f26074f3e3f57507f | |
1095 | ||
1096 | We are proud to present two new features that will enhace the Faraday experience. | |
1097 | Taking feedback from our users we took account that each of them had particular needs from their consoles (completion, size, fonts, so on so forth) and their need to be able to know what commands where run during an engagement. | |
1098 | ||
1099 | * A brand new ZSH based Terminal UI | |
1100 | * The Command Run execution history |
11 | 11 | changelog_folder = Path(__file__).parent |
12 | 12 | current_folder = changelog_folder / "current" |
13 | 13 | for file in os.listdir(current_folder): |
14 | assert file == "keep", file | |
14 | assert file == ".keep", file | |
15 | 15 | version_folder = changelog_folder / version_id |
16 | 16 | for file in os.listdir(version_folder): |
17 | 17 | assert file in ["date.md", "community.md", "prof.md", "corp.md"], file |
26 | 26 | ```shell |
27 | 27 | $ pip install virtualenv |
28 | 28 | $ virtualenv faraday_venv |
29 | $ source faraday_env/bin/activate | |
29 | $ source faraday_venv/bin/activate | |
30 | 30 | $ git clone [email protected]:infobyte/faraday.git |
31 | 31 | $ cd faraday |
32 | 32 | $ git clone https://github.com/infobyte/faraday_angular_frontend.git faraday/frontend |
0 | 0 | New features in the latest update |
1 | 1 | ===================================== |
2 | 2 | |
3 | ||
4 | 3.18.1 [Nov 5th, 2021]: | |
5 | --- | |
6 | Fix CVE issue | |
7 | ||
8 | 3.18.0 [Oct 21st, 2021]: | |
9 | --- | |
10 | * Remove attachments in vulns filter endpoint | |
11 | * Add open and confirmed vulns in workspace stats | |
12 | * Add migration disabling several notifications. | |
13 | * Add user id to session API endpoint | |
14 | * Add cve to vulnerability model | |
15 | * Change funcs to views | |
16 | * FIX report import | |
17 | * Add `last_run_agent_date` field to workspace endpoint | |
18 | * Fix cve parsing in `vulnerability create` and `bulk create` | |
19 | * ADD check if postgres db is running during server start | |
20 | * Fix order_by in filters api | |
21 | * Fix 500 status code with invalid executor arguments | |
3 | 22 | |
4 | 23 | 3.17.1 [Aug 20th, 2021]: |
5 | 24 | --- |
1 | 1 | # Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) |
2 | 2 | # See the file 'doc/LICENSE' for the license information |
3 | 3 | |
4 | __version__ = '3.17.1' | |
4 | __version__ = '3.18.1' | |
5 | 5 | __license_version__ = __version__ |
175 | 175 | with get_app().app_context(): |
176 | 176 | if db.session.query(User).filter_by(active=True).count() > 0: |
177 | 177 | print( |
178 | "Can't create more users. The comumunity edition only allows one user. Please contact support for further information.") | |
178 | "Can't create more users. The community edition only allows one user. " | |
179 | "Please contact support for further information.") | |
179 | 180 | sys.exit(1) |
180 | 181 | |
181 | 182 | get_app().user_datastore.create_user(username=username, |
+52
-0
0 | """disable several notifications and add event enabled flag | |
1 | ||
2 | Revision ID: 1574fbcf72f5 | |
3 | Revises: 89115e133f0a | |
4 | Create Date: 2021-09-21 13:46:08.382496+00:00 | |
5 | ||
6 | """ | |
7 | from alembic import op | |
8 | import sqlalchemy as sa | |
9 | ||
10 | ||
11 | # revision identifiers, used by Alembic. | |
12 | from faraday.server.models import NotificationSubscription, EventType, NotificationSubscriptionWebSocketConfig | |
13 | ||
14 | revision = '1574fbcf72f5' | |
15 | down_revision = '89115e133f0a' | |
16 | branch_labels = None | |
17 | depends_on = None | |
18 | ||
19 | enabled_notifications = ['new_workspace', 'update_executivereport', 'new_agentexecution', 'new_command', 'new_comment'] | |
20 | ||
21 | ||
22 | def upgrade(): | |
23 | bind = op.get_bind() | |
24 | session = sa.orm.Session(bind=bind) | |
25 | ||
26 | session.execute("ALTER TABLE event_type ADD COLUMN enabled BOOLEAN DEFAULT true") | |
27 | session.commit() | |
28 | ||
29 | events = session.query(EventType).filter(EventType.name.notin_(enabled_notifications)).all() | |
30 | for event in events: | |
31 | event.enabled = False | |
32 | ||
33 | notifications = session.query(NotificationSubscriptionWebSocketConfig)\ | |
34 | .join(NotificationSubscription).join(EventType).filter(EventType.name.notin_(enabled_notifications)).all() | |
35 | for notification in notifications: | |
36 | notification.active = False | |
37 | session.add(notification) | |
38 | session.commit() | |
39 | ||
40 | ||
41 | def downgrade(): | |
42 | bind = op.get_bind() | |
43 | session = sa.orm.Session(bind=bind) | |
44 | ||
45 | op.execute("ALTER TABLE event_type DROP COLUMN enabled") | |
46 | ||
47 | notifications = session.query(NotificationSubscriptionWebSocketConfig)\ | |
48 | .join(NotificationSubscription).join(EventType).filter(EventType.name.notin_(enabled_notifications)).all() | |
49 | for notification in notifications: | |
50 | notification.active = True | |
51 | session.commit() |
0 | 0 | """Fix severities ordering |
1 | 1 | |
2 | 2 | Revision ID: 247a90b029f2 |
3 | Revises: 89115e133f0a | |
3 | Revises: a9fcf8444c79 | |
4 | 4 | Create Date: 2021-08-02 12:52:34.453541+00:00 |
5 | 5 | |
6 | 6 | """ |
0 | """cve_many_to_many | |
1 | ||
2 | Revision ID: 5d7a930c439e | |
3 | Revises: 18891ca61db6 | |
4 | Create Date: 2021-06-02 19:27:34.373988+00:00 | |
5 | ||
6 | """ | |
7 | from alembic import op | |
8 | import sqlalchemy as sa | |
9 | ||
10 | # revision identifiers, used by Alembic. | |
11 | revision = '5d7a930c439e' | |
12 | down_revision = '247a90b029f2' | |
13 | branch_labels = None | |
14 | depends_on = None | |
15 | ||
16 | ||
17 | def upgrade(): | |
18 | # ### commands auto generated by Alembic - please adjust! ### | |
19 | op.create_table('cve', | |
20 | sa.Column('id', sa.Integer(), nullable=False), | |
21 | sa.Column('name', sa.String(), nullable=False), | |
22 | sa.Column('year', sa.Integer(), nullable=True), | |
23 | sa.Column('identifier', sa.Integer(), nullable=True), | |
24 | sa.PrimaryKeyConstraint('id') | |
25 | ) | |
26 | op.create_table('cve_association', | |
27 | sa.Column('vulnerability_id', sa.Integer(), nullable=False), | |
28 | sa.Column('cve_id', sa.Integer(), nullable=False), | |
29 | sa.ForeignKeyConstraint(['cve_id'], ['cve.id'], ), | |
30 | sa.ForeignKeyConstraint(['vulnerability_id'], ['vulnerability.id'], ) | |
31 | ) | |
32 | # ### end Alembic commands ### | |
33 | ||
34 | ||
35 | def downgrade(): | |
36 | # | |
37 | op.drop_table('cve_association') | |
38 | op.drop_table('cve') | |
39 | # ### end Alembic commands ### |
0 | """Add hosts notifications | |
1 | ||
2 | Revision ID: 89115e133f0a | |
3 | Revises: 5d7a930c439e | |
4 | Create Date: 2021-07-26 17:18:43.521015+00:00 | |
5 | ||
6 | """ | |
7 | from alembic import op | |
8 | import sqlalchemy as sa | |
9 | ||
10 | # revision identifiers, used by Alembic. | |
11 | from faraday.server.models import NotificationSubscription, NotificationSubscriptionWebSocketConfig, User, EventType, \ | |
12 | Role | |
13 | ||
14 | revision = '89115e133f0a' | |
15 | down_revision = '5d7a930c439e' | |
16 | branch_labels = None | |
17 | depends_on = None | |
18 | ||
19 | admin = User.ADMIN_ROLE | |
20 | pentester = User.PENTESTER_ROLE | |
21 | asset_owner = User.ASSET_OWNER_ROLE | |
22 | client = User.CLIENT_ROLE | |
23 | ||
24 | notifications_config = [ | |
25 | # Host | |
26 | {'roles': [admin, pentester, asset_owner, client], | |
27 | 'event_types': ['new_host', 'update_host', 'delete_host']}, | |
28 | ] | |
29 | ||
30 | ||
31 | def upgrade(): | |
32 | bind = op.get_bind() | |
33 | session = sa.orm.Session(bind=bind) | |
34 | ||
35 | for config in notifications_config: | |
36 | for event_type in config['event_types']: | |
37 | roles = session.query(Role).filter(Role.name.in_(config['roles'])).all() | |
38 | if not roles: | |
39 | raise ValueError(f"Roles {config['roles']} not exist.") | |
40 | ||
41 | session.execute(f"INSERT INTO event_type (name) VALUES ('{event_type}')") # nosec | |
42 | event_type_id = session.query(EventType.id).filter(EventType.name == event_type).one() | |
43 | n = NotificationSubscription(event_type_id=event_type_id, allowed_roles=roles) | |
44 | ||
45 | ns = NotificationSubscriptionWebSocketConfig(subscription=n, | |
46 | active=True, | |
47 | role_level=True) | |
48 | session.add(ns) | |
49 | session.commit() | |
50 | ||
51 | ||
52 | def downgrade(): | |
53 | bind = op.get_bind() | |
54 | session = sa.orm.Session(bind=bind) | |
55 | ||
56 | for config in notifications_config: | |
57 | for event_type in config['event_types']: | |
58 | event_type_id = session.query(EventType.id).filter(EventType.name == event_type).one() | |
59 | subscription = session.query(NotificationSubscription).filter(NotificationSubscription.event_type_id == event_type_id).one() | |
60 | ns = session.query(NotificationSubscriptionWebSocketConfig).filter(NotificationSubscriptionWebSocketConfig.subscription == subscription).one() | |
61 | session.delete(ns) | |
62 | session.delete(subscription) | |
63 | session.commit() | |
64 | name_list = ",".join([f"'{elem}'" for elem in config["event_types"]]) | |
65 | session.execute(f'DELETE FROM event_type WHERE name IN ({name_list})') # nosec |
0 | """Fix constraint in cve association | |
1 | ||
2 | Revision ID: f28eae25416b | |
3 | Revises: 1574fbcf72f5 | |
4 | Create Date: 2021-11-04 15:38:26.026998+00:00 | |
5 | ||
6 | """ | |
7 | from alembic import op | |
8 | ||
9 | # revision identifiers, used by Alembic. | |
10 | revision = 'f28eae25416b' | |
11 | down_revision = '1574fbcf72f5' | |
12 | branch_labels = None | |
13 | depends_on = None | |
14 | ||
15 | ||
16 | def upgrade(): | |
17 | op.execute('ALTER TABLE cve_association ' | |
18 | 'DROP constraint cve_association_vulnerability_id_fkey, ' | |
19 | 'ADD CONSTRAINT cve_association_vulnerability_id_fkey ' | |
20 | 'FOREIGN KEY (vulnerability_id) REFERENCES vulnerability(id) ' | |
21 | 'ON DELETE CASCADE') | |
22 | ||
23 | ||
24 | def downgrade(): | |
25 | op.execute('ALTER TABLE cve_association ' | |
26 | 'DROP constraint cve_association_vulnerability_id_fkey, ' | |
27 | 'ADD CONSTRAINT cve_association_vulnerability_id_fkey ' | |
28 | 'FOREIGN KEY (vulnerability_id) REFERENCES vulnerability(id) ') |
310 | 310 | # VALIDATE |
311 | 311 | errors = {} |
312 | 312 | for param_name, param_data in executor_data["args"].items(): |
313 | val_error = type_validate(executor.parameters_metadata[param_name]['type'], param_data) | |
314 | if val_error: | |
315 | errors[param_name] = val_error | |
313 | if executor.parameters_metadata.get(param_name): | |
314 | val_error = type_validate(executor.parameters_metadata[param_name]['type'], param_data) | |
315 | if val_error: | |
316 | errors[param_name] = val_error | |
317 | else: | |
318 | errors['message'] = f'"{param_name}" not recognized as an executor argument' | |
316 | 319 | if errors: |
317 | 320 | response = jsonify(errors) |
318 | 321 | response.status_code = 400 |
0 | 0 | import logging |
1 | import re | |
1 | 2 | from datetime import datetime, timedelta |
2 | 3 | from typing import Type, Optional |
3 | 4 | import string |
30 | 31 | VulnerabilityWeb, |
31 | 32 | AgentExecution, |
32 | 33 | Workspace, |
33 | Metadata | |
34 | Metadata, | |
35 | CVE | |
34 | 36 | ) |
35 | 37 | from faraday.server.utils.database import ( |
36 | 38 | get_conflict_object, |
357 | 359 | |
358 | 360 | vuln_data.pop('_attachments', {}) |
359 | 361 | references = vuln_data.pop('references', []) |
362 | cve_list = vuln_data.pop('cve', []) | |
363 | ||
360 | 364 | policyviolations = vuln_data.pop('policy_violations', []) |
361 | 365 | |
362 | 366 | vuln_data = vuln_data.copy() |
395 | 399 | logger.debug("Apply run date to vuln") |
396 | 400 | vuln.create_date = run_date |
397 | 401 | db.session.commit() |
398 | elif not created and ("custom_fields" in vuln_data and any(vuln_data["custom_fields"])): | |
399 | # Updates Custom Fields | |
400 | vuln.custom_fields = vuln_data.pop('custom_fields', {}) | |
401 | db.session.commit() | |
402 | elif not created: | |
403 | if "custom_fields" in vuln_data and any(vuln_data["custom_fields"]): | |
404 | # Updates Custom Fields | |
405 | vuln.custom_fields = vuln_data.pop('custom_fields', {}) | |
406 | db.session.commit() | |
402 | 407 | |
403 | 408 | if command is not None: |
404 | 409 | _create_command_object_for(ws, created, vuln, command) |
405 | 410 | |
406 | def update_vuln(policyviolations, references, vuln): | |
411 | def update_vuln(policyviolations, references, vuln, cve_list): | |
412 | ||
407 | 413 | vuln.references = references |
408 | 414 | vuln.policy_violations = policyviolations |
415 | ||
416 | # parse cve and reference. Should be temporal. | |
417 | parsed_cve_list = [] | |
418 | for cve in cve_list: | |
419 | parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper()) | |
420 | ||
421 | for cve in references: | |
422 | parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper()) | |
423 | ||
424 | vuln.cve = parsed_cve_list | |
409 | 425 | # TODO attachments |
410 | 426 | db.session.add(vuln) |
411 | 427 | db.session.commit() |
412 | 428 | |
413 | 429 | if created: |
414 | update_vuln(policyviolations, references, vuln) | |
430 | update_vuln(policyviolations, references, vuln, cve_list) | |
415 | 431 | elif vuln.status == "closed": # Implicit not created |
416 | 432 | vuln.status = "re-opened" |
417 | update_vuln(policyviolations, references, vuln) | |
433 | update_vuln(policyviolations, references, vuln, cve_list) | |
418 | 434 | |
419 | 435 | |
420 | 436 | def _create_hostvuln(ws, host, vuln_data, command=None): |
2 | 2 | from lxml.etree import Element, SubElement, tostring # nosec |
3 | 3 | # We don't use Element for parsing |
4 | 4 | from flask import Blueprint, request, abort, send_file |
5 | ||
5 | from marshmallow import Schema | |
6 | ||
7 | from faraday.server.api.base import GenericWorkspacedView | |
6 | 8 | from faraday.server.models import Workspace |
7 | 9 | |
8 | 10 | export_data_api = Blueprint('export_data_api', __name__) |
10 | 12 | logger = logging.getLogger(__name__) |
11 | 13 | |
12 | 14 | |
13 | @export_data_api.route('/v3/ws/<workspace_name>/export_data', methods=['GET']) | |
14 | def export_data(workspace_name): | |
15 | """ | |
16 | --- | |
17 | get: | |
18 | tags: ["File","Workspace"] | |
19 | description: Exports all the workspace data in a XML file | |
20 | responses: | |
21 | 200: | |
22 | description: Ok | |
23 | """ | |
24 | ||
25 | workspace = Workspace.query.filter_by(name=workspace_name).first() | |
26 | if not workspace: | |
27 | logger.error("No such workspace. Please, specify a valid workspace.") | |
28 | abort(404, f"No such workspace: {workspace_name}") | |
29 | ||
30 | export_format = request.args.get('format', '') | |
31 | if not export_format: | |
32 | logger.error("No format specified. Please, specify the format to export the data.") | |
33 | abort(400, "No format specified.") | |
34 | ||
35 | if export_format == 'xml_metasploit': | |
36 | memory_file = xml_metasploit_format(workspace) | |
37 | return send_file( | |
38 | memory_file, | |
39 | attachment_filename=f"Faraday-{workspace_name}-data.xml", | |
40 | as_attachment=True, | |
41 | cache_timeout=-1 | |
42 | ) | |
43 | else: | |
44 | logger.error("Invalid format. Please, specify a valid format.") | |
45 | abort(400, "Invalid format.") | |
15 | class EmptySchema(Schema): | |
16 | pass | |
17 | ||
18 | ||
19 | class ExportDataView(GenericWorkspacedView): | |
20 | route_base = 'export_data' | |
21 | schema_class = EmptySchema | |
22 | ||
23 | def get(self, workspace_name): | |
24 | """ | |
25 | --- | |
26 | get: | |
27 | tags: ["File","Workspace"] | |
28 | description: Exports all the workspace data in a XML file | |
29 | responses: | |
30 | 200: | |
31 | description: Ok | |
32 | """ | |
33 | ||
34 | workspace = Workspace.query.filter_by(name=workspace_name).first() | |
35 | if not workspace: | |
36 | logger.error("No such workspace. Please, specify a valid workspace.") | |
37 | abort(404, f"No such workspace: {workspace_name}") | |
38 | ||
39 | export_format = request.args.get('format', '') | |
40 | if not export_format: | |
41 | logger.error("No format specified. Please, specify the format to export the data.") | |
42 | abort(400, "No format specified.") | |
43 | ||
44 | if export_format == 'xml_metasploit': | |
45 | memory_file = xml_metasploit_format(workspace) | |
46 | return send_file( | |
47 | memory_file, | |
48 | attachment_filename=f"Faraday-{workspace_name}-data.xml", | |
49 | as_attachment=True, | |
50 | cache_timeout=-1 | |
51 | ) | |
52 | else: | |
53 | logger.error("Invalid format. Please, specify a valid format.") | |
54 | abort(400, "Invalid format.") | |
55 | ||
56 | ||
57 | ExportDataView.register(export_data_api) | |
46 | 58 | |
47 | 59 | |
48 | 60 | def xml_metasploit_format(workspace): |
5 | 5 | import logging |
6 | 6 | |
7 | 7 | from flask import Blueprint, abort, make_response, jsonify |
8 | from flask_classful import route | |
9 | from marshmallow import Schema | |
10 | ||
11 | from faraday.server.api.base import GenericView | |
8 | 12 | from faraday.server.utils.web import gzipped |
9 | 13 | |
10 | 14 | exploits_api = Blueprint('exploits_api', __name__) |
12 | 16 | logger = logging.getLogger(__name__) |
13 | 17 | |
14 | 18 | |
15 | @gzipped | |
16 | @exploits_api.route('/v3/vulners/exploits/<cveid>', methods=['GET']) | |
17 | def get_exploits(cveid): | |
18 | """ | |
19 | --- | |
20 | get: | |
21 | tags: ["Vulnerability"] | |
22 | description: Use Vulns API to get all exploits available for a specific CVE-ID | |
23 | responses: | |
24 | 200: | |
25 | description: Ok | |
26 | """ | |
19 | class EmptySchema(Schema): | |
20 | pass | |
27 | 21 | |
28 | logger.debug( | |
29 | f"Request parameters: {flask.request.args!r}") | |
30 | 22 | |
31 | headers = { | |
32 | "Content-Type": "application/json", | |
33 | "Accept": "application/json"} | |
23 | class ExploitsView(GenericView): | |
24 | route_base = 'vulners/exploits' | |
25 | schema_class = EmptySchema | |
34 | 26 | |
35 | response = requests.get( | |
36 | "https://vulners.com/api/v3/search/id/?references=True&id=" + cveid, | |
37 | headers=headers, | |
38 | timeout=3 | |
39 | ) | |
27 | @gzipped | |
28 | @route('<cveid>', methods=['GET']) | |
29 | def get_exploits(self, cveid): | |
30 | """ | |
31 | --- | |
32 | get: | |
33 | tags: ["Vulnerability"] | |
34 | description: Use Vulns API to get all exploits available for a specific CVE-ID | |
35 | responses: | |
36 | 200: | |
37 | description: Ok | |
38 | """ | |
40 | 39 | |
41 | try: | |
40 | logger.debug( | |
41 | f"Request parameters: {flask.request.args!r}") | |
42 | 42 | |
43 | json_response = { | |
44 | "metasploit": [], | |
45 | "exploitdb": [], | |
46 | "cveid": cveid | |
47 | } | |
43 | headers = { | |
44 | "Content-Type": "application/json", | |
45 | "Accept": "application/json"} | |
48 | 46 | |
49 | if response.status_code == 200: | |
47 | response = requests.get( | |
48 | "https://vulners.com/api/v3/search/id/?references=True&id=" + cveid, | |
49 | headers=headers, | |
50 | timeout=3 | |
51 | ) | |
50 | 52 | |
51 | obj_response = response.json() | |
53 | try: | |
52 | 54 | |
53 | if obj_response["data"]["references"] is not {}: | |
55 | json_response = { | |
56 | "metasploit": [], | |
57 | "exploitdb": [], | |
58 | "cveid": cveid | |
59 | } | |
54 | 60 | |
55 | metasploit_modules = obj_response["data"]["references"][cveid].get("metasploit", []) | |
56 | exploitdb_modules = obj_response["data"]["references"][cveid].get("exploitdb", []) | |
61 | if response.status_code == 200: | |
57 | 62 | |
58 | for module in metasploit_modules: | |
59 | obj_module = {} | |
60 | obj_module.update({"title": module["title"]}) | |
61 | obj_module.update({"id": module["id"]}) | |
62 | obj_module.update({"href": module["href"]}) | |
63 | json_response["metasploit"].append(obj_module) | |
63 | obj_response = response.json() | |
64 | 64 | |
65 | for module in exploitdb_modules: | |
66 | obj_module = {} | |
67 | obj_module.update({"title": module["title"]}) | |
68 | obj_module.update({"id": module["id"]}) | |
69 | obj_module.update({"href": module["href"]}) | |
70 | json_response["exploitdb"].append(obj_module) | |
65 | if obj_response["data"]["references"] is not {}: | |
71 | 66 | |
72 | except KeyError as ex: | |
73 | abort(make_response(jsonify(message=f'Could not find {str(ex)}'), 400)) | |
67 | metasploit_modules = obj_response["data"]["references"][cveid].get("metasploit", []) | |
68 | exploitdb_modules = obj_response["data"]["references"][cveid].get("exploitdb", []) | |
74 | 69 | |
75 | return flask.jsonify(json_response) | |
70 | for module in metasploit_modules: | |
71 | obj_module = {} | |
72 | obj_module.update({"title": module["title"]}) | |
73 | obj_module.update({"id": module["id"]}) | |
74 | obj_module.update({"href": module["href"]}) | |
75 | json_response["metasploit"].append(obj_module) | |
76 | ||
77 | for module in exploitdb_modules: | |
78 | obj_module = {} | |
79 | obj_module.update({"title": module["title"]}) | |
80 | obj_module.update({"id": module["id"]}) | |
81 | obj_module.update({"href": module["href"]}) | |
82 | json_response["exploitdb"].append(obj_module) | |
83 | ||
84 | except KeyError as ex: | |
85 | abort(make_response(jsonify(message=f'Could not find {str(ex)}'), 400)) | |
86 | ||
87 | return flask.jsonify(json_response) | |
88 | ||
89 | ||
90 | ExploitsView.register(exploits_api) |
3 | 3 | |
4 | 4 | import flask |
5 | 5 | from flask import Blueprint |
6 | from marshmallow import Schema | |
6 | 7 | |
7 | 8 | from faraday import __version__ as f_version |
9 | from faraday.server.api.base import GenericView | |
8 | 10 | from faraday.server.config import faraday_server |
9 | 11 | from faraday.settings.dashboard import DashboardSettings |
10 | 12 | |
11 | 13 | info_api = Blueprint('info_api', __name__) |
12 | 14 | |
13 | 15 | |
14 | @info_api.route('/v3/info', methods=['GET']) | |
15 | def show_info(): | |
16 | """ | |
17 | --- | |
18 | get: | |
19 | tags: ["Informational"] | |
20 | description: Gives basic info about the faraday service | |
21 | responses: | |
22 | 200: | |
23 | description: Ok | |
24 | """ | |
25 | ||
26 | response = flask.jsonify({'Faraday Server': 'Running', 'Version': f_version}) | |
27 | response.status_code = 200 | |
28 | ||
29 | return response | |
16 | class EmptySchema(Schema): | |
17 | pass | |
30 | 18 | |
31 | 19 | |
32 | @info_api.route('/config') | |
33 | def get_config(): | |
34 | """ | |
35 | --- | |
36 | get: | |
37 | tags: ["Informational"] | |
38 | description: Gives basic info about the faraday configuration | |
39 | responses: | |
40 | 200: | |
41 | description: Ok | |
42 | """ | |
43 | doc = { | |
44 | 'ver': f_version, | |
45 | 'websocket_port': faraday_server.websocket_port, | |
46 | 'show_vulns_by_price': DashboardSettings.settings.show_vulns_by_price, | |
47 | 'smtp_enabled': False | |
48 | } | |
20 | class InfoView(GenericView): | |
21 | route_base = 'info' | |
22 | schema_class = EmptySchema | |
49 | 23 | |
50 | return flask.jsonify(doc) | |
24 | def get(self): | |
25 | """ | |
26 | --- | |
27 | get: | |
28 | tags: ["Informational"] | |
29 | description: Gives basic info about the faraday service | |
30 | responses: | |
31 | 200: | |
32 | description: Ok | |
33 | """ | |
34 | ||
35 | response = flask.jsonify({'Faraday Server': 'Running', 'Version': f_version}) | |
36 | response.status_code = 200 | |
37 | ||
38 | return response | |
39 | ||
40 | get.is_public = True | |
51 | 41 | |
52 | 42 | |
53 | get_config.is_public = True | |
54 | show_info.is_public = True | |
43 | class ConfigView(GenericView): | |
44 | route_base = 'config' | |
45 | route_prefix = '' | |
46 | schema_class = EmptySchema | |
47 | ||
48 | def get(self): | |
49 | """ | |
50 | --- | |
51 | get: | |
52 | tags: ["Informational"] | |
53 | description: Gives basic info about the faraday configuration | |
54 | responses: | |
55 | 200: | |
56 | description: Ok | |
57 | """ | |
58 | doc = { | |
59 | 'ver': f_version, | |
60 | 'websocket_port': faraday_server.websocket_port, | |
61 | 'show_vulns_by_price': DashboardSettings.settings.show_vulns_by_price, | |
62 | 'smtp_enabled': False | |
63 | } | |
64 | ||
65 | return flask.jsonify(doc) | |
66 | ||
67 | get.is_public = True | |
68 | ||
69 | ||
70 | InfoView.register(info_api) | |
71 | ConfigView.register(info_api) |
5 | 5 | """ |
6 | 6 | from flask import jsonify, Blueprint |
7 | 7 | from flask_wtf.csrf import generate_csrf |
8 | from faraday.server.api.base import get_user_permissions | |
8 | from marshmallow import Schema | |
9 | ||
10 | from faraday.server.api.base import get_user_permissions, GenericView | |
9 | 11 | import flask_login |
10 | 12 | |
11 | 13 | session_api = Blueprint('session_api', __name__) |
12 | 14 | |
13 | 15 | |
14 | @session_api.route('/session') | |
15 | def session_info(): | |
16 | """ | |
17 | --- | |
18 | get: | |
19 | tags: ["Informational"] | |
20 | description: Gives info about the current session | |
21 | responses: | |
22 | 200: | |
23 | description: Ok | |
24 | """ | |
25 | user = flask_login.current_user | |
26 | data = user.get_security_payload() | |
27 | data['csrf_token'] = generate_csrf() | |
28 | data['preferences'] = user.preferences | |
29 | data['permissions'] = get_user_permissions(user) | |
30 | return jsonify(data) | |
16 | class EmptySchema(Schema): | |
17 | pass | |
18 | ||
19 | ||
20 | class SessionView(GenericView): | |
21 | route_base = 'session' | |
22 | route_prefix = '' | |
23 | schema_class = EmptySchema | |
24 | ||
25 | def get(self): | |
26 | """ | |
27 | --- | |
28 | get: | |
29 | tags: ["Informational"] | |
30 | description: Gives info about the current session | |
31 | responses: | |
32 | 200: | |
33 | description: Ok | |
34 | """ | |
35 | user = flask_login.current_user | |
36 | data = user.get_security_payload() | |
37 | data['csrf_token'] = generate_csrf() | |
38 | data['preferences'] = user.preferences | |
39 | data['permissions'] = get_user_permissions(user) | |
40 | data['user_id'] = user.id | |
41 | return jsonify(data) | |
42 | ||
43 | ||
44 | SessionView.register(session_api) |
5 | 5 | import logging |
6 | 6 | from datetime import datetime |
7 | 7 | import flask_login |
8 | from flask_classful import route | |
9 | from marshmallow import Schema | |
8 | 10 | |
11 | from faraday.server.api.base import GenericWorkspacedView | |
9 | 12 | from faraday.server.config import CONST_FARADAY_HOME_PATH |
10 | 13 | from faraday.server.threads.reports_processor import REPORTS_QUEUE |
11 | 14 | from flask import ( |
30 | 33 | logger = logging.getLogger(__name__) |
31 | 34 | |
32 | 35 | |
33 | @gzipped | |
34 | @upload_api.route('/v3/ws/<workspace>/upload_report', methods=['POST']) | |
35 | def file_upload(workspace=None): | |
36 | """ | |
37 | --- | |
38 | post: | |
39 | tags: ["Workspace", "File"] | |
40 | description: Upload a report file to create data within the given workspace | |
41 | responses: | |
42 | 201: | |
43 | description: Created | |
44 | 400: | |
45 | description: Bad request | |
46 | 403: | |
47 | description: Forbidden | |
48 | tags: ["Workspace", "File"] | |
49 | responses: | |
50 | 200: | |
51 | description: Ok | |
52 | """ | |
53 | logger.info("Importing new plugin report in server...") | |
54 | # Authorization code copy-pasted from server/api/base.py | |
55 | ws = Workspace.query.filter_by(name=workspace).first() | |
56 | if not ws or not ws.active: | |
57 | # Don't raise a 403 to prevent workspace name enumeration | |
58 | abort(404, f"Workspace disabled: {workspace}") | |
36 | class EmptySchema(Schema): | |
37 | pass | |
59 | 38 | |
60 | if 'file' not in request.files: | |
61 | abort(400) | |
62 | 39 | |
63 | try: | |
64 | validate_csrf(request.form.get('csrf_token')) | |
65 | except ValidationError: | |
66 | abort(403) | |
40 | class UploadReportView(GenericWorkspacedView): | |
41 | route_base = 'upload_report' | |
42 | schema_class = EmptySchema | |
67 | 43 | |
68 | report_file = request.files['file'] | |
44 | @gzipped | |
45 | @route('', methods=['POST']) | |
46 | def file_upload(self, workspace_name=None): | |
47 | """ | |
48 | --- | |
49 | post: | |
50 | tags: ["Workspace", "File"] | |
51 | description: Upload a report file to create data within the given workspace | |
52 | responses: | |
53 | 201: | |
54 | description: Created | |
55 | 400: | |
56 | description: Bad request | |
57 | 403: | |
58 | description: Forbidden | |
59 | tags: ["Workspace", "File"] | |
60 | responses: | |
61 | 200: | |
62 | description: Ok | |
63 | """ | |
64 | logger.info("Importing new plugin report in server...") | |
65 | # Authorization code copy-pasted from server/api/base.py | |
66 | ws = Workspace.query.filter_by(name=workspace_name).first() | |
67 | if not ws or not ws.active: | |
68 | # Don't raise a 403 to prevent workspace name enumeration | |
69 | abort(404, f"Workspace disabled: {workspace_name}") | |
69 | 70 | |
70 | if report_file: | |
71 | ||
72 | chars = string.ascii_uppercase + string.digits | |
73 | random_prefix = ''.join(random.choice(chars) for x in range(12)) # nosec | |
74 | raw_report_filename = f'{random_prefix}_{secure_filename(report_file.filename)}' | |
71 | if 'file' not in request.files: | |
72 | abort(400) | |
75 | 73 | |
76 | 74 | try: |
77 | file_path = CONST_FARADAY_HOME_PATH / 'uploaded_reports' \ | |
78 | / raw_report_filename | |
79 | with file_path.open('wb') as output: | |
80 | output.write(report_file.read()) | |
81 | except AttributeError: | |
82 | logger.warning( | |
83 | "Upload reports in WEB-UI not configurated, run Faraday client and try again...") | |
84 | abort(make_response( | |
85 | jsonify(message="Upload reports not configurated: Run faraday client and start Faraday server again"), | |
86 | 500)) | |
75 | validate_csrf(request.form.get('csrf_token')) | |
76 | except ValidationError: | |
77 | abort(403) | |
78 | ||
79 | report_file = request.files['file'] | |
80 | ||
81 | if report_file: | |
82 | ||
83 | chars = string.ascii_uppercase + string.digits | |
84 | random_prefix = ''.join(random.choice(chars) for x in range(12)) # nosec | |
85 | raw_report_filename = f'{random_prefix}_{secure_filename(report_file.filename)}' | |
86 | ||
87 | try: | |
88 | file_path = CONST_FARADAY_HOME_PATH / 'uploaded_reports' \ | |
89 | / raw_report_filename | |
90 | with file_path.open('wb') as output: | |
91 | output.write(report_file.read()) | |
92 | except AttributeError: | |
93 | logger.warning( | |
94 | "Upload reports in WEB-UI not configurated, run Faraday client and try again...") | |
95 | abort(make_response( | |
96 | jsonify(message="Upload reports not configurated: Run faraday client and start Faraday server again"), | |
97 | 500)) | |
98 | else: | |
99 | logger.info(f"Get plugin for file: {file_path}") | |
100 | plugins_manager = PluginsManager(ReportsSettings.settings.custom_plugins_folder) | |
101 | report_analyzer = ReportAnalyzer(plugins_manager) | |
102 | plugin = report_analyzer.get_plugin(file_path) | |
103 | if not plugin: | |
104 | logger.info("Could not get plugin for file") | |
105 | abort(make_response(jsonify(message="Invalid report file"), 400)) | |
106 | else: | |
107 | logger.info( | |
108 | f"Plugin for file: {file_path} Plugin: {plugin.id}" | |
109 | ) | |
110 | workspace_instance = Workspace.query.filter_by( | |
111 | name=workspace_name).one() | |
112 | command = Command() | |
113 | command.workspace = workspace_instance | |
114 | command.start_date = datetime.utcnow() | |
115 | command.import_source = 'report' | |
116 | # The data will be updated in the bulk_create function | |
117 | command.tool = "In progress" | |
118 | command.command = "In progress" | |
119 | ||
120 | db.session.add(command) | |
121 | db.session.commit() | |
122 | ||
123 | REPORTS_QUEUE.put( | |
124 | ( | |
125 | workspace_instance.name, | |
126 | command.id, | |
127 | file_path, | |
128 | plugin.id, | |
129 | flask_login.current_user.id | |
130 | ) | |
131 | ) | |
132 | return make_response( | |
133 | jsonify(message="ok", command_id=command.id), | |
134 | 200 | |
135 | ) | |
87 | 136 | else: |
88 | logger.info(f"Get plugin for file: {file_path}") | |
89 | plugins_manager = PluginsManager(ReportsSettings.settings.custom_plugins_folder) | |
90 | report_analyzer = ReportAnalyzer(plugins_manager) | |
91 | plugin = report_analyzer.get_plugin(file_path) | |
92 | if not plugin: | |
93 | logger.info("Could not get plugin for file") | |
94 | abort(make_response(jsonify(message="Invalid report file"), 400)) | |
95 | else: | |
96 | logger.info( | |
97 | f"Plugin for file: {file_path} Plugin: {plugin.id}" | |
98 | ) | |
99 | workspace_instance = Workspace.query.filter_by( | |
100 | name=workspace).one() | |
101 | command = Command() | |
102 | command.workspace = workspace_instance | |
103 | command.start_date = datetime.utcnow() | |
104 | command.import_source = 'report' | |
105 | # The data will be updated in the bulk_create function | |
106 | command.tool = "In progress" | |
107 | command.command = "In progress" | |
137 | abort(make_response(jsonify(message="Missing report file"), 400)) | |
108 | 138 | |
109 | db.session.add(command) | |
110 | db.session.commit() | |
111 | 139 | |
112 | REPORTS_QUEUE.put( | |
113 | ( | |
114 | workspace_instance.name, | |
115 | command.id, | |
116 | file_path, | |
117 | plugin.id, | |
118 | flask_login.current_user.id | |
119 | ) | |
120 | ) | |
121 | return make_response( | |
122 | jsonify(message="ok", command_id=command.id), | |
123 | 200 | |
124 | ) | |
125 | else: | |
126 | abort(make_response(jsonify(message="Missing report file"), 400)) | |
140 | UploadReportView.register(upload_api) |
4 | 4 | import io |
5 | 5 | import json |
6 | 6 | import logging |
7 | import re | |
7 | 8 | from base64 import b64encode, b64decode |
8 | 9 | from json.decoder import JSONDecodeError |
9 | 10 | from pathlib import Path |
46 | 47 | VulnerabilityWeb, |
47 | 48 | CustomFieldsSchema, |
48 | 49 | VulnerabilityGeneric, |
49 | User | |
50 | User, | |
51 | CVE | |
50 | 52 | ) |
51 | 53 | from faraday.server.utils.database import get_or_create |
52 | 54 | from faraday.server.utils.export import export_vulns_to_csv |
105 | 107 | return obj.tool |
106 | 108 | else: |
107 | 109 | return obj.creator_command_tool or 'Web UI' |
110 | ||
111 | ||
112 | class CVESchema(AutoSchema): | |
113 | name = fields.String() | |
108 | 114 | |
109 | 115 | |
110 | 116 | class VulnerabilitySchema(AutoSchema): |
121 | 127 | attribute='policy_violations') |
122 | 128 | refs = fields.List(fields.String(), attribute='references') |
123 | 129 | owasp = fields.Method(serialize='get_owasp_refs', default=[]) |
124 | cve = fields.Method(serialize='get_cve_refs', default=[]) | |
130 | cve = fields.List(fields.String(), attribute='cve') | |
125 | 131 | cwe = fields.Method(serialize='get_cwe_refs', default=[]) |
126 | 132 | cvss = fields.Method(serialize='get_cvss_refs', default=[]) |
127 | 133 | issuetracker = fields.Method(serialize='get_issuetracker', dump_only=True) |
183 | 189 | def get_cwe_refs(self, obj): |
184 | 190 | return [reference for reference in obj.references if 'cwe' in reference.lower()] |
185 | 191 | |
186 | def get_cve_refs(self, obj): | |
187 | return [reference for reference in obj.references if 'cve' in reference.lower()] | |
188 | ||
189 | 192 | def get_cvss_refs(self, obj): |
190 | 193 | return [reference for reference in obj.references if 'cvss' in reference.lower()] |
191 | 194 | |
509 | 512 | attachments = data.pop('_attachments', {}) |
510 | 513 | references = data.pop('references', []) |
511 | 514 | policyviolations = data.pop('policy_violations', []) |
515 | cve_list = data.pop('cve', []) | |
516 | ||
512 | 517 | try: |
513 | 518 | obj = super()._perform_create(data, **kwargs) |
514 | 519 | except TypeError: |
518 | 523 | |
519 | 524 | obj.references = references |
520 | 525 | obj.policy_violations = policyviolations |
526 | ||
527 | # parse cve and reference. Should be temporal. | |
528 | parsed_cve_list = [] | |
529 | for cve in cve_list: | |
530 | parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper()) | |
531 | ||
532 | for cve in references: | |
533 | parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper()) | |
534 | ||
535 | obj.cve = parsed_cve_list | |
536 | ||
537 | db.session.flush() | |
538 | ||
521 | 539 | if not obj.tool: |
522 | 540 | if obj.creator_command_tool: |
523 | 541 | obj.tool = obj.creator_command_tool |
553 | 571 | def _update_object(self, obj, data, **kwargs): |
554 | 572 | data.pop('type', '') # It's forbidden to change vuln type! |
555 | 573 | data.pop('tool', '') |
574 | ||
556 | 575 | return super()._update_object(obj, data) |
557 | 576 | |
558 | 577 | def _perform_update(self, object_id, obj, data, workspace_name=None, partial=False): |
845 | 864 | flask.abort(400, "Invalid filters") |
846 | 865 | |
847 | 866 | workspace = self._get_workspace(workspace_name) |
848 | marshmallow_params = {'many': True, 'context': {}} | |
867 | marshmallow_params = {'many': True, 'context': {}, 'exclude': ('_attachments', )} | |
849 | 868 | if 'group_by' not in filters: |
850 | 869 | offset = None |
851 | 870 | limit = None |
16 | 16 | from sqlalchemy.orm.exc import NoResultFound |
17 | 17 | |
18 | 18 | |
19 | from faraday.server.models import db, Workspace, _make_vuln_count_property, Vulnerability, \ | |
20 | _make_active_agents_count_property, count_vulnerability_severities | |
19 | from faraday.server.models import (db, | |
20 | Workspace, | |
21 | _make_vuln_count_property, | |
22 | Vulnerability, | |
23 | _make_active_agents_count_property, | |
24 | count_vulnerability_severities, | |
25 | _last_run_agent_date) | |
21 | 26 | from faraday.server.schemas import ( |
22 | 27 | JSTimestampField, |
23 | 28 | MutableField, |
34 | 39 | class WorkspaceSummarySchema(Schema): |
35 | 40 | credentials = fields.Integer(dump_only=True, attribute='credential_count') |
36 | 41 | hosts = fields.Integer(dump_only=True, attribute='host_count') |
37 | services = fields.Integer(dump_only=True, | |
38 | attribute='total_service_count') | |
39 | web_vulns = fields.Integer(dump_only=True, allow_none=False, | |
40 | attribute='vulnerability_web_count') | |
41 | code_vulns = fields.Integer(dump_only=True, allow_none=False, | |
42 | attribute='vulnerability_code_count') | |
43 | std_vulns = fields.Integer(dump_only=True, allow_none=False, | |
44 | attribute='vulnerability_standard_count') | |
45 | critical_vulns = fields.Integer(dump_only=True, allow_none=False, | |
46 | attribute='vulnerability_critical_count') | |
47 | info_vulns = fields.Integer(dump_only=True, allow_none=False, | |
48 | attribute='vulnerability_informational_count') | |
49 | high_vulns = fields.Integer(dump_only=True, allow_none=False, | |
50 | attribute='vulnerability_high_count') | |
51 | medium_vulns = fields.Integer(dump_only=True, allow_none=False, | |
52 | attribute='vulnerability_medium_count') | |
53 | low_vulns = fields.Integer(dump_only=True, allow_none=False, | |
54 | attribute='vulnerability_low_count') | |
55 | unclassified_vulns = fields.Integer(dump_only=True, allow_none=False, | |
56 | attribute='vulnerability_unclassified_count') | |
57 | total_vulns = fields.Integer(dump_only=True, allow_none=False, | |
58 | attribute='vulnerability_total_count') | |
42 | services = fields.Integer(dump_only=True, attribute='total_service_count') | |
43 | web_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_web_count') | |
44 | code_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_code_count') | |
45 | std_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_standard_count') | |
46 | opened_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_open_count') | |
47 | confirmed_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_confirmed_count') | |
48 | critical_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_critical_count') | |
49 | info_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_informational_count') | |
50 | high_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_high_count') | |
51 | medium_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_medium_count') | |
52 | low_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_low_count') | |
53 | unclassified_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_unclassified_count') | |
54 | total_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_total_count') | |
59 | 55 | |
60 | 56 | |
61 | 57 | class WorkspaceDurationSchema(Schema): |
84 | 80 | ) |
85 | 81 | active = fields.Boolean() |
86 | 82 | |
87 | create_date = fields.DateTime(attribute='create_date', | |
88 | dump_only=True) | |
89 | ||
90 | update_date = fields.DateTime(attribute='update_date', | |
91 | dump_only=True) | |
92 | ||
83 | create_date = fields.DateTime(attribute='create_date', dump_only=True) | |
84 | update_date = fields.DateTime(attribute='update_date', dump_only=True) | |
93 | 85 | active_agents_count = fields.Integer(dump_only=True) |
86 | last_run_agent_date = fields.DateTime(dump_only=True, attribute='last_run_agent_date') | |
94 | 87 | |
95 | 88 | class Meta: |
96 | 89 | model = Workspace |
97 | 90 | fields = ('_id', 'id', 'customer', 'description', 'active', |
98 | 91 | 'duration', 'name', 'public', 'scope', 'stats', |
99 | 92 | 'create_date', 'update_date', 'readonly', |
100 | 'active_agents_count') | |
93 | 'active_agents_count', 'last_run_agent_date') | |
101 | 94 | |
102 | 95 | @post_load |
103 | 96 | def post_load_duration(self, data, **kwargs): |
219 | 212 | if active is not None: |
220 | 213 | query = query.filter_by(active=active) |
221 | 214 | query = query.options( |
222 | with_expression( | |
223 | Workspace.vulnerability_web_count, | |
224 | _make_vuln_count_property('vulnerability_web', | |
215 | with_expression( | |
216 | Workspace.vulnerability_web_count, | |
217 | _make_vuln_count_property('vulnerability_web', | |
225 | 218 | confirmed=confirmed, |
226 | 219 | extra_query=extra_query, |
227 | 220 | use_column_property=False), |
228 | ), | |
229 | with_expression( | |
230 | Workspace.vulnerability_standard_count, | |
231 | _make_vuln_count_property('vulnerability', | |
221 | ), | |
222 | with_expression( | |
223 | Workspace.vulnerability_standard_count, | |
224 | _make_vuln_count_property('vulnerability', | |
232 | 225 | confirmed=confirmed, |
233 | 226 | extra_query=extra_query, |
234 | 227 | use_column_property=False) |
235 | ), | |
236 | with_expression( | |
237 | Workspace.vulnerability_total_count, | |
238 | _make_vuln_count_property(type_=None, | |
228 | ), | |
229 | with_expression( | |
230 | Workspace.vulnerability_total_count, | |
231 | _make_vuln_count_property(type_=None, | |
239 | 232 | confirmed=confirmed, |
240 | 233 | extra_query=extra_query, |
241 | 234 | use_column_property=False) |
242 | ), | |
243 | with_expression( | |
244 | Workspace.vulnerability_code_count, | |
245 | _make_vuln_count_property('vulnerability_code', | |
235 | ), | |
236 | with_expression( | |
237 | Workspace.vulnerability_code_count, | |
238 | _make_vuln_count_property('vulnerability_code', | |
246 | 239 | extra_query=extra_query, |
247 | 240 | use_column_property=False), |
248 | ), | |
249 | with_expression( | |
250 | Workspace.active_agents_count, | |
251 | _make_active_agents_count_property(), | |
252 | ), | |
241 | ), | |
242 | with_expression( | |
243 | Workspace.active_agents_count, | |
244 | _make_active_agents_count_property(), | |
245 | ), | |
246 | with_expression( | |
247 | Workspace.last_run_agent_date, | |
248 | _last_run_agent_date(), | |
249 | ), | |
250 | ) | |
251 | ||
252 | # extra_query contains status filter | |
253 | if not extra_query or status == 'open': | |
254 | query = query.options( | |
255 | with_expression(Workspace.vulnerability_open_count, | |
256 | _make_vuln_count_property(None, | |
257 | extra_query=" status='open' ", | |
258 | use_column_property=False), | |
259 | ) | |
253 | 260 | ) |
261 | ||
262 | if confirmed is not False: | |
263 | query = query.options( | |
264 | with_expression( | |
265 | Workspace.vulnerability_confirmed_count, | |
266 | _make_vuln_count_property(None, | |
267 | confirmed=True, | |
268 | extra_query=extra_query, | |
269 | use_column_property=False) | |
270 | ) | |
271 | ) | |
272 | ||
254 | 273 | query = count_vulnerability_severities(query, Workspace, status=status, confirmed=confirmed, all_severities=True) |
255 | 274 | |
256 | 275 | try: |
159 | 159 | 'event_types': ['new_vulnerabilityweb', 'update_vulnerabilityweb', 'delete_vulnerabilityweb']}, |
160 | 160 | # Comments |
161 | 161 | {'roles': [admin, pentester, asset_owner, client], 'event_types': ['new_comment']}, |
162 | # Comments | |
163 | {'roles': [admin, pentester, asset_owner, client], | |
164 | 'event_types': ['new_host', 'update_host', 'delete_host']}, | |
162 | 165 | ] |
163 | 166 | |
164 | 167 | event_types = [('new_workspace', False), |
181 | 184 | ('delete_vulnerability', False), |
182 | 185 | ('new_vulnerabilityweb', False), |
183 | 186 | ('update_vulnerabilityweb', False), |
184 | ('delete_vulnerabilityweb', False)] | |
187 | ('delete_vulnerabilityweb', False), | |
188 | ('new_host', False), | |
189 | ('update_host', False), | |
190 | ('delete_host', False) | |
191 | ] | |
192 | ||
193 | default_initial_enabled_notifications_config = ['new_workspace', 'update_executivereport', 'new_agentexecution', 'new_command', 'new_comment'] | |
185 | 194 | |
186 | 195 | for event_type in event_types: |
187 | event_type_obj = EventType(name=event_type[0], async_event=event_type[1]) | |
196 | enabled = False | |
197 | if event_type[0] in default_initial_enabled_notifications_config: | |
198 | enabled = True | |
199 | event_type_obj = EventType(name=event_type[0], async_event=event_type[1], enabled=enabled) | |
188 | 200 | db.session.add(event_type_obj) |
189 | 201 | |
190 | 202 | object_types = ['vulnerability', |
214 | 226 | n = NotificationSubscription(event_type=event_type_obj, allowed_roles=allowed_roles_objs) |
215 | 227 | db.session.add(n) |
216 | 228 | db.session.commit() |
217 | ns = NotificationSubscriptionWebSocketConfig(subscription=n, active=True, role_level=True) | |
229 | active = False | |
230 | if event_type in default_initial_enabled_notifications_config: | |
231 | active = True | |
232 | ns = NotificationSubscriptionWebSocketConfig(subscription=n, active=active, role_level=True) | |
218 | 233 | db.session.add(ns) |
219 | 234 | db.session.commit() |
220 | 235 |
22 | 22 | UniqueConstraint, |
23 | 23 | event, |
24 | 24 | Table, |
25 | literal, | |
25 | 26 | ) |
26 | 27 | from sqlalchemy.exc import IntegrityError |
27 | 28 | from sqlalchemy.orm import relationship |
153 | 154 | # I suppose that we're using PostgreSQL, that can't compare |
154 | 155 | # booleans with integers |
155 | 156 | query = query.where(text('agent.active = true')) |
157 | ||
158 | return query | |
159 | ||
160 | ||
161 | def _last_run_agent_date(): | |
162 | query = select([text('executor.last_run')]) | |
163 | ||
164 | from_clause = table('executor')\ | |
165 | .join(Agent, text('executor.agent_id = agent.id'))\ | |
166 | .join(text('association_workspace_and_agents_table'), | |
167 | text('agent.id = association_workspace_and_agents_table.agent_id ' | |
168 | 'and association_workspace_and_agents_table.workspace_id = workspace.id')) | |
169 | query = query.select_from(from_clause).where(text('executor.last_run is not null')).order_by(Executor.last_run.desc()).limit(1) | |
156 | 170 | |
157 | 171 | return query |
158 | 172 | |
604 | 618 | |
605 | 619 | def _build_associationproxy_creator_non_workspaced(model_class_name): |
606 | 620 | def creator(name, vulnerability): |
607 | """Get or create a reference/policyviolation with the | |
608 | corresponding name. This must be workspace aware""" | |
621 | """Get or create a reference/policyviolation/CVE with the | |
622 | corresponding name. This is not workspace aware""" | |
609 | 623 | |
610 | 624 | # Ugly hack to avoid the fact that Reference is defined after |
611 | 625 | # Vulnerability |
983 | 997 | child_field='name') |
984 | 998 | |
985 | 999 | |
1000 | cve_vulnerability_association = db.Table('cve_association', | |
1001 | Column('vulnerability_id', Integer, db.ForeignKey('vulnerability.id', ondelete='CASCADE'), nullable=False), | |
1002 | Column('cve_id', Integer, db.ForeignKey('cve.id'), nullable=False) | |
1003 | ) | |
1004 | ||
1005 | ||
1006 | class CVE(db.Model): | |
1007 | __tablename__ = 'cve' | |
1008 | ||
1009 | CVE_PATTERN = r'CVE-\d{4}-\d{4,7}' | |
1010 | ||
1011 | id = Column(Integer, primary_key=True) | |
1012 | name = Column(String(24), unique=True) | |
1013 | year = Column(Integer, nullable=True) | |
1014 | identifier = Column(Integer, nullable=True) | |
1015 | ||
1016 | # TODO: add customer inserted flag | |
1017 | # Other fields TBD | |
1018 | ||
1019 | vulnerabilities = relationship("VulnerabilityGeneric", secondary=cve_vulnerability_association) | |
1020 | ||
1021 | def __str__(self): | |
1022 | return f'{self.id}' | |
1023 | ||
1024 | def __init__(self, name=None, **kwargs): | |
1025 | logger.debug("cve found %s", name) | |
1026 | try: | |
1027 | name = name.upper() | |
1028 | _, year, identifier = name.split("-") | |
1029 | super().__init__(name=name, year=year, identifier=identifier, **kwargs) | |
1030 | except ValueError: | |
1031 | logger.error("Invalid cve format. Should be CVE-YEAR-ID.") | |
1032 | raise ValueError("Invalid cve format. Should be CVE-YEAR-NUMBERID.") | |
1033 | ||
1034 | ||
986 | 1035 | class Service(Metadata): |
987 | 1036 | STATUSES = [ |
988 | 1037 | 'open', |
1098 | 1147 | backref=backref('vulnerabilities', cascade="all, delete-orphan", passive_deletes=True) |
1099 | 1148 | ) |
1100 | 1149 | |
1150 | cve_instances = relationship("CVE", | |
1151 | secondary=cve_vulnerability_association, | |
1152 | lazy="joined", | |
1153 | collection_class=set) | |
1154 | ||
1155 | cve = association_proxy('cve_instances', | |
1156 | 'name', | |
1157 | proxy_factory=CustomAssociationSet, | |
1158 | creator=_build_associationproxy_creator_non_workspaced('CVE')) | |
1159 | ||
1101 | 1160 | reference_instances = relationship( |
1102 | 1161 | "Reference", |
1103 | 1162 | secondary="reference_vulnerability_association", |
1572 | 1631 | vulnerability_standard_count = query_expression() |
1573 | 1632 | vulnerability_total_count = query_expression() |
1574 | 1633 | active_agents_count = query_expression() |
1634 | last_run_agent_date = query_expression() | |
1635 | vulnerability_open_count = query_expression(literal(0)) | |
1636 | vulnerability_confirmed_count = query_expression(literal(0)) | |
1575 | 1637 | |
1576 | 1638 | vulnerability_informational_count = query_expression() |
1577 | 1639 | vulnerability_medium_count = query_expression() |
2129 | 2191 | id = Column(Integer, primary_key=True) |
2130 | 2192 | name = Column(String(64), unique=True, nullable=False) |
2131 | 2193 | async_event = Column(Boolean, default=False) |
2194 | enabled = Column(Boolean, default=True) | |
2132 | 2195 | |
2133 | 2196 | |
2134 | 2197 | allowed_roles_association = db.Table('notification_allowed_roles', |
598 | 598 | field = getattr(relation_model, field_name_in_relation) |
599 | 599 | direction = getattr(field, val.direction) |
600 | 600 | if relation_model not in joined_models: |
601 | query = query.join(*joined_models) | |
601 | query = query.join(relation_model, isouter=True) | |
602 | 602 | joined_models.add(relation_model) |
603 | 603 | query = query.order_by(direction()) |
604 | 604 | else: |
6 | 6 | import argparse |
7 | 7 | import logging |
8 | 8 | |
9 | import psycopg2 | |
9 | 10 | from alembic.runtime.migration import MigrationContext |
10 | 11 | |
11 | 12 | from colorama import init, Fore |
101 | 102 | ) |
102 | 103 | |
103 | 104 | |
105 | def check_if_db_up(): | |
106 | try: | |
107 | conn = psycopg2.connect(dbname="postgres") | |
108 | conn.close() | |
109 | except psycopg2.OperationalError as e: | |
110 | if "could not connect to server" in e.args[0]: | |
111 | print("\n\nCould not ping the Postgres server, please check if it is running \n\n") | |
112 | sys.exit(1) | |
113 | ||
114 | ||
104 | 115 | def main(): |
105 | 116 | os.chdir(faraday.server.config.FARADAY_BASE) |
117 | # check_if_db_up() | |
106 | 118 | check_alembic_version() |
107 | 119 | # TODO RETURN TO prev CWD |
108 | 120 | check_postgresql() |
40 | 40 | }; |
41 | 41 | python38 = |
42 | 42 | super.python38.override { |
43 | inherit | |
44 | packageOverrides; | |
45 | }; | |
46 | python39 = | |
47 | super.python39.override { | |
48 | inherit | |
49 | packageOverrides; | |
50 | }; | |
51 | python310 = | |
52 | super.python310.override { | |
43 | 53 | inherit |
44 | 54 | packageOverrides; |
45 | 55 | }; |
10 | 10 | pname = |
11 | 11 | "anyascii"; |
12 | 12 | version = |
13 | "0.2.0"; | |
13 | "0.3.0"; | |
14 | 14 | |
15 | 15 | src = |
16 | 16 | fetchPypi { |
18 | 18 | pname |
19 | 19 | version; |
20 | 20 | sha256 = |
21 | "1b6jdd9nx15py0jqjdn154m6m491517sqlk57bbyj3x4xzywadkh"; | |
21 | "14xmf2xz99gdmyzal7xwc997l05siipvcpqj6cxckik4zcqp9wi4"; | |
22 | 22 | }; |
23 | 23 | |
24 | 24 | # TODO FIXME |
4 | 4 | { buildPythonPackage |
5 | 5 | , fetchPypi |
6 | 6 | , lib |
7 | , setuptools_scm | |
8 | 7 | }: |
9 | 8 | |
10 | 9 | buildPythonPackage rec { |
11 | 10 | pname = |
12 | 11 | "bidict"; |
13 | 12 | version = |
14 | "0.21.2"; | |
13 | "0.21.4"; | |
15 | 14 | |
16 | 15 | src = |
17 | 16 | fetchPypi { |
19 | 18 | pname |
20 | 19 | version; |
21 | 20 | sha256 = |
22 | "02dy0b1k7qlhn7ajyzkrvxhyhjj0hzcq6ws3zjml9hkdz5znz92g"; | |
21 | "0vwz0xd9vr2l9j2alx1lipbxrkkwxbllnfq7ys58kppqwvxlzj22"; | |
23 | 22 | }; |
24 | ||
25 | buildInputs = | |
26 | [ | |
27 | setuptools_scm | |
28 | ]; | |
29 | 23 | |
30 | 24 | # TODO FIXME |
31 | 25 | doCheck = |
13 | 13 | pname = |
14 | 14 | "bleach"; |
15 | 15 | version = |
16 | "4.0.0"; | |
16 | "4.1.0"; | |
17 | 17 | |
18 | 18 | src = |
19 | 19 | fetchPypi { |
21 | 21 | pname |
22 | 22 | version; |
23 | 23 | sha256 = |
24 | "1j3wnrzk5p4n6avbpjz2spw0rpbf6rrk9hzwa369k4y2d8f25agz"; | |
24 | "1nkibazmw1ry4cfxs9qrkkidxdf2z1hh1b20xq1ahqdsgsrxh009"; | |
25 | 25 | }; |
26 | 26 | |
27 | 27 | propagatedBuildInputs = |
11 | 11 | pname = |
12 | 12 | "click"; |
13 | 13 | version = |
14 | "8.0.1"; | |
14 | "8.0.3"; | |
15 | 15 | |
16 | 16 | src = |
17 | 17 | fetchPypi { |
19 | 19 | pname |
20 | 20 | version; |
21 | 21 | sha256 = |
22 | "0ymdyf37acq4qxh038q0xx44qgj6y2kf0jd0ivvix6qij88w214c"; | |
22 | "0nybbsgaff8ihfh74nhmng6qj74pfpg99njc7ivysphg0lmr63j1"; | |
23 | 23 | }; |
24 | 24 | |
25 | 25 | propagatedBuildInputs = |
13 | 13 | pname = |
14 | 14 | "faraday-agent-parameters-types"; |
15 | 15 | version = |
16 | "1.0.1"; | |
16 | "1.0.2"; | |
17 | 17 | |
18 | 18 | src = |
19 | 19 | fetchPypi { |
22 | 22 | pname = |
23 | 23 | "faraday_agent_parameters_types"; |
24 | 24 | sha256 = |
25 | "0q2cngxgkvl74mhkibvdsvjjrdfd7flxd6a4776wmxkkn0brzw66"; | |
25 | "0dw2s7lyg9s1qjj6yrn5hxpasbb32qg89pcfsv4vv47yla9djzyc"; | |
26 | 26 | }; |
27 | 27 | |
28 | 28 | buildInputs = |
20 | 20 | pname = |
21 | 21 | "faraday-plugins"; |
22 | 22 | version = |
23 | "1.5.2"; | |
23 | "1.5.5"; | |
24 | 24 | |
25 | 25 | src = |
26 | 26 | fetchPypi { |
28 | 28 | pname |
29 | 29 | version; |
30 | 30 | sha256 = |
31 | "09gr3gsipnfvm222bj20n77hrys4gk57i30r9llj72hiicm2bb4k"; | |
31 | "1dw7j8zfa8j9m0qcpyzl6k0z29k3j5i90lyfg2zapwkpalkgx0d1"; | |
32 | 32 | }; |
33 | 33 | |
34 | 34 | propagatedBuildInputs = |
64 | 64 | pname = |
65 | 65 | "faradaysec"; |
66 | 66 | version = |
67 | "3.17.0"; | |
67 | "3.18.1"; | |
68 | 68 | |
69 | 69 | src = |
70 | 70 | lib.cleanSource |
18 | 18 | pname = |
19 | 19 | "flask-security-too"; |
20 | 20 | version = |
21 | "4.1.0"; | |
21 | "4.1.2"; | |
22 | 22 | |
23 | 23 | src = |
24 | 24 | fetchPypi { |
27 | 27 | pname = |
28 | 28 | "Flask-Security-Too"; |
29 | 29 | sha256 = |
30 | "109h08p0sljkspqay6i970hqbdwcnp7z59ql9nz0cdyg6m2czpk8"; | |
30 | "16ws5n08vm7wsa2f7lrkxvc7jl3ah1xfylhhyzb4vvqmlk7x9hw8"; | |
31 | 31 | }; |
32 | 32 | |
33 | 33 | propagatedBuildInputs = |
10 | 10 | pname = |
11 | 11 | "python-engineio"; |
12 | 12 | version = |
13 | "4.2.1"; | |
13 | "4.3.0"; | |
14 | 14 | |
15 | 15 | src = |
16 | 16 | fetchPypi { |
18 | 18 | pname |
19 | 19 | version; |
20 | 20 | sha256 = |
21 | "0qps2bhis0ms8pbncsx6xwnyd6k5ffy5hbw68wjndmcfdndk446m"; | |
21 | "04fviy92zf8fcpkjnfnsch1phl2sssnhrvq5zkqm67x2rzm5xlzy"; | |
22 | 22 | }; |
23 | 23 | |
24 | 24 | # TODO FIXME |
12 | 12 | pname = |
13 | 13 | "python-socketio"; |
14 | 14 | version = |
15 | "5.4.0"; | |
15 | "5.4.1"; | |
16 | 16 | |
17 | 17 | src = |
18 | 18 | fetchPypi { |
20 | 20 | pname |
21 | 21 | version; |
22 | 22 | sha256 = |
23 | "0i15p94b592aa2h3vn3zs9qc8izv6kc4vmhjlkg9d3hn3yg7r06a"; | |
23 | "1c17cvm91map3rbgl5156y6zwzz2wyqvm31298a23d7bvwyjfkpg"; | |
24 | 24 | }; |
25 | 25 | |
26 | 26 | propagatedBuildInputs = |
11 | 11 | pname = |
12 | 12 | "webargs"; |
13 | 13 | version = |
14 | "8.0.0"; | |
14 | "8.0.1"; | |
15 | 15 | |
16 | 16 | src = |
17 | 17 | fetchPypi { |
19 | 19 | pname |
20 | 20 | version; |
21 | 21 | sha256 = |
22 | "0xy6na8axc5wnp2wg3kvqbpl2iv0hx0rsnlrmrgkgp88znx6cmjn"; | |
22 | "052nard38lki662fqydlyip242n9i8w04yyh1axwz5zfa0i05kmw"; | |
23 | 23 | }; |
24 | 24 | |
25 | 25 | propagatedBuildInputs = |
0 | # cscan | |
1 | Faraday Continuous Scanning | |
2 | ||
3 | More information: | |
4 | [http://blog.infobytesec.com/2015/09/faraday-continuous-scanning.html] (http://blog.infobytesec.com/2015/09/faraday-continuous-scanning.html) |
0 | #!/usr/bin/env python | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | from __future__ import print_function | |
8 | import subprocess | |
9 | import os | |
10 | import argparse | |
11 | import time | |
12 | import shutil | |
13 | from pprint import pprint | |
14 | from configparser import ConfigParser, NoSectionError, NoOptionError | |
15 | #from config import config | |
16 | ||
17 | def setup_config_path(): | |
18 | path = os.path.dirname(os.path.abspath(__file__)) | |
19 | file_path = os.path.expanduser("~/.faraday/config/cscan_conf.ini") | |
20 | ||
21 | if os.path.exists(file_path): | |
22 | return file_path | |
23 | ||
24 | else: | |
25 | # TODO check if folders exist and if not create them | |
26 | path = os.path.join(path,"cscan_conf.ini") | |
27 | shutil.copy(path, file_path) | |
28 | return file_path | |
29 | ||
30 | def init_config(): | |
31 | file_path = setup_config_path() | |
32 | conf_parser = ConfigParser() | |
33 | conf_parser.read(file_path) | |
34 | config = {} | |
35 | ||
36 | for section in conf_parser.sections(): | |
37 | for option in conf_parser.options(section): | |
38 | config[option.upper()] = (conf_parser.get(section, option)) | |
39 | return config | |
40 | ||
41 | def lockFile(lockfile): | |
42 | if os.path.isfile(lockfile): | |
43 | return False | |
44 | else: | |
45 | f = open(lockfile, 'w') | |
46 | f.close() | |
47 | return True | |
48 | ||
49 | def target_list(script, categories): | |
50 | dictionary = { | |
51 | "network": "ips.txt", | |
52 | "web": "websites.txt", | |
53 | "extra": "ips.txt" | |
54 | } | |
55 | ||
56 | category = 'network' | |
57 | for c in categories: | |
58 | if os.path.exists(os.path.join('scripts', c, script)): | |
59 | return dictionary[c] | |
60 | ||
61 | def main(): | |
62 | lockf = ".lock.pod" | |
63 | if not lockFile(lockf): | |
64 | print("You can run only one instance of cscan (%s)" % lockf) | |
65 | exit(0) | |
66 | ||
67 | config = init_config() | |
68 | my_env = os.environ | |
69 | env = config.copy() | |
70 | env.update(my_env) | |
71 | ||
72 | ||
73 | parser = argparse.ArgumentParser(description='continues scanning on Faraday') | |
74 | parser.add_argument('-s','--script', help='Scan only the following script ej: ./cscan.py -p nmap.sh', required=False) | |
75 | parser.add_argument('-S','--scripts', help='Scan the following scripts list ej: ./cscan.py -p nmap.sh,nikto.sh', required=False) | |
76 | parser.add_argument('-c','--category', help='Scan only for given category ej: ./cscan.py -c network', required=False) | |
77 | parser.add_argument('-t','--targets', help='Choose a custom target list ej: ./cscan.py -t custom-list.txt', required=False) | |
78 | parser.add_argument('-o','--output', help='Choose a custom output directory', required=False) | |
79 | parser.add_argument('-l','--log', help='Choose a custom log directory', required=False) | |
80 | args = parser.parse_args() | |
81 | ||
82 | output = 'output/' | |
83 | if args.output: | |
84 | output = args.output | |
85 | ||
86 | logdir = 'log/' | |
87 | if args.log: | |
88 | logdir = args.log | |
89 | ||
90 | for d in [logdir, output]: | |
91 | if not os.path.isdir(d): | |
92 | os.makedirs(d) | |
93 | ||
94 | if args.script: | |
95 | scripts = [args.script] | |
96 | elif args.scripts: | |
97 | scripts = args.scripts.split(",") | |
98 | else: | |
99 | scripts = env["CS_SCRIPTS"].split(",") | |
100 | ||
101 | categories = env["CS_CATEGORIES"].split(",") | |
102 | for category in categories: | |
103 | env["PATH"] += ":%s" % os.path.abspath("./scripts/" + category) | |
104 | ||
105 | for script in scripts: | |
106 | if args.targets: | |
107 | targets = args.targets | |
108 | else: | |
109 | targets = target_list(script, categories) | |
110 | ||
111 | cmd = "%s %s %s %s" % (script, targets, output, logdir) | |
112 | print("\n\nRunning: %s" % cmd) | |
113 | proc = subprocess.call(cmd, shell=True, stdin=None, env=dict(env)) | |
114 | ||
115 | #Remove lockfile | |
116 | os.remove(lockf) | |
117 | ||
118 | if __name__ == "__main__": | |
119 | main() | |
120 | # I'm Py3 |
0 | ### | |
1 | ## Faraday Penetration Test IDE | |
2 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
3 | ## See the file doc/LICENSE for the license information | |
4 | ### | |
5 | ||
6 | [Default setup] | |
7 | CS_CATEGORIES: network,web | |
8 | CS_SCRIPTS: nmap.sh,openvas.sh,nikto.sh,nessus.sh,w3af.sh | |
9 | ||
10 | [NMAP] | |
11 | CS_NMAP : nmap | |
12 | CS_NMAP_ARGS : -O | |
13 | ||
14 | [OPENVAS] | |
15 | CS_OPENVAS_USER : admin | |
16 | CS_OPENVAS_PASSWORD : openvas | |
17 | CS_OPENVAS_SCAN_CONFIG : Full and fast | |
18 | CS_OPENVAS_ALIVE_TEST : ICMP, TCP-ACK Service & ARP Ping | |
19 | CS_OPENVAS : omp | |
20 | ||
21 | [BURP] | |
22 | CS_BURP : /root/tools/burpsuite_pro_v1.6.26.jar | |
23 | ||
24 | [NIKTO] | |
25 | CS_NIKTO : nikto | |
26 | CS_NIKTO_ARGS : | |
27 | ||
28 | [W3AF] | |
29 | CS_W3AF : /root/tools/w3af/w3af_api | |
30 | CS_W3AF_PROFILE : /root/tools/w3af/profiles/fast_scan.pw3af | |
31 | ||
32 | [ZAP] | |
33 | CS_ZAP : /root/tools/zap/ZAP_D-2015-08-24/zap.sh | |
34 | ||
35 | [NESSUS] | |
36 | CS_NESSUS_URL : https://127.0.0.1:8834 | |
37 | CS_NESSUS_USER : nessus | |
38 | CS_NESSUS_PASS : nessus | |
39 | CS_NESSUS_PROFILE : Basic Network Scan | |
40 | ||
41 | [MSFRPC] | |
42 | CS_MSF_TMP_WS : enabled | |
43 | CS_MSF_EXPORT : enabled | |
44 |
0 | # Created by Blake Cornell, CTO, Integris Security LLC | |
1 | # Integris Security Carbonator - Beta Version - v1.2 | |
2 | # Released under GPL Version 2 license. | |
3 | # | |
4 | # See the INSTALL file for installation instructions. | |
5 | # | |
6 | # For more information contact us at carbonator at integrissecurity dot com | |
7 | # Or visit us at https://www.integrissecurity.com/ | |
8 | ||
9 | from burp import IBurpExtender | |
10 | from burp import IHttpListener | |
11 | from burp import IScannerListener | |
12 | from java.net import URL | |
13 | from java.io import File | |
14 | ||
15 | import time | |
16 | ||
17 | class BurpExtender(IBurpExtender, IHttpListener, IScannerListener): | |
18 | def registerExtenderCallbacks(self, callbacks): | |
19 | self._callbacks = callbacks | |
20 | self._callbacks.setExtensionName("Carbonator") | |
21 | self._helpers = self._callbacks.getHelpers() | |
22 | self.clivars = None | |
23 | ||
24 | self.spider_results=[] | |
25 | self.scanner_results=[] | |
26 | self.packet_timeout=5 | |
27 | ||
28 | self.last_packet_seen= int(time.time()) #initialize the start of the spider/scan | |
29 | ||
30 | if not self.processCLI(): | |
31 | return None | |
32 | else: | |
33 | self.clivars = True | |
34 | ||
35 | print("Initiating Carbonator Against: ", str(self.url)) | |
36 | #add to scope if not already in there. | |
37 | if self._callbacks.isInScope(self.url) == 0: | |
38 | self._callbacks.includeInScope(self.url) | |
39 | ||
40 | #added to ensure that the root directory is scanned | |
41 | base_request = str.encode(str("GET "+self.path+" HTTP/1.1\nHost: "+self.fqdn+"\n\n")) | |
42 | if(self.scheme == 'HTTPS'): | |
43 | print(self._callbacks.doActiveScan(self.fqdn,self.port,1,base_request)) | |
44 | else: | |
45 | print(self._callbacks.doActiveScan(self.fqdn,self.port,0,base_request)) | |
46 | ||
47 | self._callbacks.sendToSpider(self.url) | |
48 | self._callbacks.registerHttpListener(self) | |
49 | self._callbacks.registerScannerListener(self) | |
50 | ||
51 | while int(time.time())-self.last_packet_seen <= self.packet_timeout: | |
52 | time.sleep(1) | |
53 | print("No packets seen in the last", self.packet_timeout, "seconds.") | |
54 | print("Removing Listeners") | |
55 | self._callbacks.removeHttpListener(self) | |
56 | self._callbacks.removeScannerListener(self) | |
57 | self._callbacks.excludeFromScope(self.url) | |
58 | ||
59 | print("Generating Report") | |
60 | self.generateReport(self.rtype) | |
61 | print("Report Generated") | |
62 | print("Closing Burp in", self.packet_timeout, "seconds.") | |
63 | time.sleep(self.packet_timeout) | |
64 | ||
65 | if self.clivars: | |
66 | self._callbacks.exitSuite(False) | |
67 | ||
68 | return | |
69 | ||
70 | def processHttpMessage(self, tool_flag, isRequest, current): | |
71 | self.last_packet_seen = int(time.time()) | |
72 | if tool_flag == self._callbacks.TOOL_SPIDER and isRequest: #if is a spider request then send to scanner | |
73 | self.spider_results.append(current) | |
74 | print("Sending new URL to Vulnerability Scanner: URL #",len(self.spider_results)) | |
75 | if self.scheme == 'https': | |
76 | self._callbacks.doActiveScan(self.fqdn,self.port,1,current.getRequest()) #returns scan queue, push to array | |
77 | else: | |
78 | self._callbacks.doActiveScan(self.fqdn,self.port,0,current.getRequest()) #returns scan queue, push to array | |
79 | return | |
80 | ||
81 | def newScanIssue(self, issue): | |
82 | self.scanner_results.append(issue) | |
83 | print("New issue identified: Issue #",len(self.scanner_results)) | |
84 | return | |
85 | ||
86 | def generateReport(self, format): | |
87 | if format != 'XML': | |
88 | format = 'HTML' | |
89 | ||
90 | file_name = self.output | |
91 | self._callbacks.generateScanReport(format,self.scanner_results,File(file_name)) | |
92 | ||
93 | time.sleep(5) | |
94 | return | |
95 | ||
96 | def processCLI(self): | |
97 | cli = self._callbacks.getCommandLineArguments() | |
98 | if len(cli) < 0: | |
99 | print("Incomplete target information provided.") | |
100 | return False | |
101 | elif not cli: | |
102 | print("Integris Security Carbonator is now loaded.") | |
103 | print("If Carbonator was loaded through the BApp store then you can run in headless mode simply adding the `-Djava.awt.headless=true` flag from within your shell. Note: If burp doesn't close at the conclusion of a scan then disable Automatic Backup on Exit.") | |
104 | print("For questions or feature requests contact us at carbonator at integris security dot com.") | |
105 | print("Visit carbonator at https://www.integrissecurity.com/Carbonator") | |
106 | return False | |
107 | else: | |
108 | self.url = URL(cli[0]) | |
109 | self.rtype = cli[1] | |
110 | self.output = cli[2] | |
111 | ||
112 | self.scheme = self.url.getProtocol() | |
113 | self.fqdn = self.url.getHost() | |
114 | self.port1 = self.url.getPort() | |
115 | if self.port1 == -1 and self.scheme == 'http': | |
116 | self.port = 80 | |
117 | elif self.port1 == -1 and self.scheme == 'https': | |
118 | self.port = 443 | |
119 | else: | |
120 | self.port = self.port1 | |
121 | self.path = self.url.getFile() | |
122 | print("self.url: " + str(self.url) + "\n") | |
123 | print("Scheme: " + self.scheme + "\n") | |
124 | print("FQDN: " + self.fqdn + "\n") | |
125 | print("Port: " + str(self.port1) + "\n") | |
126 | print("Path: " + self.path + "\n") | |
127 | return True | |
128 | # I'm Py3⏎ |
0 | #!/usr/bin/env python3 | |
1 | ''' | |
2 | Faraday Penetration Test IDE | |
3 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
4 | See the file 'doc/LICENSE' for the license information | |
5 | ||
6 | ''' | |
7 | ||
8 | import os | |
9 | import time | |
10 | import string | |
11 | import random | |
12 | import argparse | |
13 | import msgpack | |
14 | import http.client | |
15 | import ssl | |
16 | ||
17 | ||
18 | class Msfrpc: | |
19 | """ Msfrpc class from https://github.com/SpiderLabs/msfrpc """ | |
20 | ||
21 | class MsfError(Exception): | |
22 | def __init__(self, msg): | |
23 | self.msg = msg | |
24 | ||
25 | def __str__(self): | |
26 | return repr(self.msg) | |
27 | ||
28 | class MsfAuthError(MsfError): | |
29 | def __init__(self, msg): | |
30 | self.msg = msg | |
31 | ||
32 | def __init__(self, opts=[]): | |
33 | self.host = opts.get("host") or "127.0.0.1" | |
34 | self.port = opts.get("port") or 55552 | |
35 | self.uri = opts.get("uri") or "/api/" | |
36 | self.ssl = opts.get("ssl") or False | |
37 | self.authenticated = False | |
38 | self.token = False | |
39 | self.headers = {"Content-type": "binary/message-pack"} | |
40 | if self.ssl: | |
41 | self.client = http.client.HTTPSConnection(self.host, self.port, context=ssl._create_unverified_context()) | |
42 | else: | |
43 | self.client = http.client.HTTPConnection(self.host, self.port) | |
44 | ||
45 | def encode(self, data): | |
46 | return msgpack.packb(data) | |
47 | ||
48 | def decode(self, data): | |
49 | return msgpack.unpackb(data) | |
50 | ||
51 | def call(self, meth, opts=[]): | |
52 | if meth != "auth.login": | |
53 | if not self.authenticated: | |
54 | raise self.MsfAuthError("MsfRPC: Not Authenticated") | |
55 | opts.insert(0, self.token) | |
56 | ||
57 | opts.insert(0, meth) | |
58 | params = self.encode(opts) | |
59 | self.client.request("POST", self.uri,params, self.headers) | |
60 | resp = self.client.getresponse() | |
61 | return self.decode(resp.read()) | |
62 | ||
63 | def login(self, user, password): | |
64 | ret = self.call("auth.login", [user, password]) | |
65 | if ret.get("result") == "success": | |
66 | self.authenticated = True | |
67 | self.token = ret.get("token") | |
68 | return True | |
69 | else: | |
70 | raise self.MsfAuthError("MsfRPC: Authentication failed") | |
71 | ||
72 | ||
73 | class CscanMsf: | |
74 | """ msfrpc plugin for cscan """ | |
75 | def __init__(self, client, logfile=False, quiet=False): | |
76 | self.logfile = logfile | |
77 | self.cid = None | |
78 | self.quiet = quiet | |
79 | self.client = client | |
80 | ||
81 | def check_auth(self): | |
82 | if not self.client or not self.client.authenticated: | |
83 | self.log("ERROR: You are not authenticated..", True) | |
84 | return False | |
85 | return True | |
86 | ||
87 | def log(self, msg, critical=False): | |
88 | if self.logfile: | |
89 | logfile = open(self.logfile, "a") | |
90 | logfile.write("%s\n" % msg) | |
91 | logfile.close() | |
92 | if not self.quiet or critical: | |
93 | print(msg) | |
94 | ||
95 | def rpc_call(self, meth, opts, key=""): | |
96 | if self.check_auth(): | |
97 | res = self.client.call(meth, opts) | |
98 | ||
99 | if "error" in res: | |
100 | self.log("ERROR: %s %s" % (res.get("error_code"), res.get("error_message")), True) | |
101 | self.log("%s: %s\n%s" % (res.get("error_class"), res.get("error_string"), res.get("error_backtrace"))) | |
102 | return res | |
103 | return res if not key else res.get(key) | |
104 | ||
105 | def create_console(self): | |
106 | self.cid = self.rpc_call("console.create", [{}], "id") | |
107 | self.rpc_call("console.read", [self.cid]) | |
108 | self.log("Created console ID " + str(self.cid), True) | |
109 | return self.cid | |
110 | ||
111 | def destroy_console(self): | |
112 | self.log("Destroy console ID %s.. %s" % (self.cid, self.rpc_call("console.destroy", | |
113 | [self.cid], "result")), True) | |
114 | ||
115 | def create_ws(self, ws, switch=False): | |
116 | self.log("Create %s workspace.. %s" % (ws, self.rpc_call("db.add_workspace", [ws], "result")), True) | |
117 | if switch: | |
118 | self.set_ws(ws) | |
119 | return ws | |
120 | ||
121 | def set_ws(self, ws): | |
122 | self.log("Switch to %s workspace.. %s" % (ws, self.rpc_call("db.set_workspace", [ws], "result")), True) | |
123 | ||
124 | def destroy_ws(self, ws): | |
125 | self.log("Delete %s workspace.. %s" % (ws, self.rpc_call("db.del_workspace", [ws], "result")), True) | |
126 | ||
127 | def import_xml_data(self, ws, xml): | |
128 | content = open(xml, "r").read() | |
129 | self.log("Importing data from %s.. %s" % (xml, self.rpc_call("db.import_data", [{"workspace": ws, | |
130 | "data": content}], "result")), True) | |
131 | ||
132 | def export_current_ws(self, out): | |
133 | self.log("Exporting workspace..", True) | |
134 | self.rpc_call("console.write", [self.cid, "db_export %s\r\n" % out]) | |
135 | ||
136 | while True: | |
137 | time.sleep(5) | |
138 | res = self.rpc_call("console.read", [self.cid]) | |
139 | if res.get("data"): | |
140 | self.log("%s %s" % (res.get("prompt"), res.get("data"))) | |
141 | if "Finished export" in res.get("data"): | |
142 | return True | |
143 | ||
144 | def wait_for_jobs(self): | |
145 | while True: | |
146 | job_list = self.rpc_call("job.list", []) | |
147 | self.log("Current jobs: %s (Total: %d)" % (",".join(job_list), len(job_list)), True) | |
148 | if len(job_list) > 0: | |
149 | for j in job_list: | |
150 | jinfo = self.rpc_call("job.info", [j]) | |
151 | self.log("%s - %s" % (jinfo.get("jid"), jinfo.get("name")), True) | |
152 | else: | |
153 | return True | |
154 | time.sleep(10) | |
155 | ||
156 | def run_commands(self, commands): | |
157 | self.log("Deploy following commands: \n%s" % " msf> " + "\n msf> ".join(commands), True) | |
158 | self.rpc_call("console.write", [self.cid, "\n".join(commands)]) | |
159 | self.rpc_call("console.write", [self.cid, "set PROMPT commands_deployed\r\n"]) | |
160 | ||
161 | while True: | |
162 | time.sleep(2) | |
163 | res = self.rpc_call("console.read", [self.cid]) | |
164 | if res.get("data"): | |
165 | self.log("%s %s" % (res.get("prompt"), res.get("data"))) | |
166 | if "commands_deployed" in res["prompt"] and not res["busy"]: | |
167 | self.rpc_call("console.write", [self.cid, "set PROMPT msfcscan\r\n"]) | |
168 | break | |
169 | ||
170 | def banner(args, cws="unknown"): | |
171 | return """ _____________________________________________________ | |
172 | | ____ ___________________________________________ | | |
173 | | | | \/ |/ ___| ___/ __ \ | | | |
174 | | | | . . |\ `--.| |_ | / \/___ ___ __ _ _ __ | | | |
175 | | | | |\/| | `--. \ _| | | / __|/ __/ _` | '_ \ | | | |
176 | | | | | | |/\__/ / | | \__/\__ \ (_| (_| | | | | | | | |
177 | | | \_| |_/\____/\_| \____/___/\___\__,_|_| |_| | | | |
178 | | | _____ ______ ______ _____ ______ ______ _____ | | | |
179 | | | |_____|______|______|_____|______|______|_____| |_| | |
180 | | | | |
181 | | | Arguments: Current workspace: %s | |
182 | | | > Temp workspace: %s | |
183 | | | > Quiet mode: %s | |
184 | | | > Command: %s | |
185 | | | > Resource: %s | |
186 | | | > Options: %s | |
187 | | | > Modules: %s | |
188 | |_| > XML import: %s | |
189 | > Log file: %s | |
190 | > Output file: %s | |
191 | ||
192 | """ % ( | |
193 | cws, | |
194 | "enabled" if not args.disable_tmp_ws else "disabled", | |
195 | "enabled" if args.quiet else "disabled", | |
196 | args.command, | |
197 | args.resource, | |
198 | "\n | | --> " + args.options.replace(":", "\n | | --> ") if args.options else None, | |
199 | "\n | | --> " + args.modules.replace(",", "\n | | --> ") if args.modules else None, | |
200 | args.xml, | |
201 | args.log, | |
202 | args.output | |
203 | ) | |
204 | ||
205 | ||
206 | def main(): | |
207 | parser = argparse.ArgumentParser(description="msfrpc cscan plugin, for automated security testing") | |
208 | parser.add_argument("-H","--msfrpc-host", help="Override MSFRPC_HOST envvar", required=False) | |
209 | parser.add_argument("-P","--msfrpc-port", help="Override MSFRPC_PORT envvar", required=False) | |
210 | parser.add_argument("-u","--msfrpc-user", help="Override MSFRPC_USER envvar", required=False) | |
211 | parser.add_argument("-p","--msfrpc-pass", help="Override MSFRPC_PASS envvar", required=False) | |
212 | parser.add_argument("-S","--msfrpc-ssl", help="Override MSFRPC_SSL envvar", required=False, action="store_true") | |
213 | parser.add_argument("-U","--msfrpc-uri", help="Override MSFRPC_URI envvar", required=False) | |
214 | ||
215 | parser.add_argument("-o","--output", help="Output file", required=False) | |
216 | parser.add_argument("-l","--log", help="Log file", required=False) | |
217 | parser.add_argument("-x","--xml", help="XML to import in temp workspace", required=False) | |
218 | parser.add_argument("-m","--modules", help="Modules to use", required=False) | |
219 | parser.add_argument("-r","--resource", help="Resource to execute", required=False) | |
220 | parser.add_argument("-O","--options", help="Modules options", required=False) | |
221 | parser.add_argument("-c","--command", help="Command to execute (check, run, exploit)", default="check") | |
222 | parser.add_argument("-T","--disable-tmp-ws", help="Do not create temp workspace and use current", required=False, action="store_true") | |
223 | parser.add_argument("-q","--quiet", help="Quiet mode, set -l options to have log in a file", required=False, action="store_true") | |
224 | ||
225 | args = parser.parse_args() | |
226 | try: | |
227 | client = Msfrpc({ | |
228 | "host": args.msfrpc_host if args.msfrpc_host else os.environ.get("MSFRPC_HOST"), | |
229 | "port": args.msfrpc_port if args.msfrpc_port else os.environ.get("MSFRPC_PORT"), | |
230 | "uri": args.msfrpc_uri if args.msfrpc_uri else os.environ.get("MSFRPC_URI"), | |
231 | "ssl": args.msfrpc_ssl if args.msfrpc_ssl else os.environ.get("MSFRPC_SSL") == 'true' | |
232 | }) | |
233 | client.login(args.msfrpc_user if args.msfrpc_user else os.environ.get("MSFRPC_USER"), | |
234 | args.msfrpc_pass if args.msfrpc_pass else os.environ.get("MSFRPC_PASS")) | |
235 | except: | |
236 | print("ERROR: Cannot connect to server..") | |
237 | exit(1) | |
238 | ||
239 | cscan = CscanMsf(client, args.log, args.quiet) | |
240 | commands = [] | |
241 | tmp_ws = None | |
242 | current_ws = cscan.rpc_call("db.current_workspace", [], "workspace") | |
243 | ||
244 | print(banner(args, current_ws)) | |
245 | cscan.create_console() | |
246 | ||
247 | if not args.disable_tmp_ws and os.environ.get("CS_MSF_TMP_WS") == "enabled": | |
248 | tmp_ws = "cscan_" + "".join(random.sample(string.ascii_lowercase,6)) | |
249 | cscan.create_ws(tmp_ws, True) | |
250 | if args.xml: | |
251 | cscan.import_xml_data(tmp_ws, args.xml) | |
252 | ||
253 | if args.options: | |
254 | for option in args.options.split(":"): | |
255 | commands.append("setg " + option.replace("=", " ")) | |
256 | if args.modules: | |
257 | for module in args.modules.split(","): | |
258 | commands.append("use " + module) | |
259 | commands.append("show options") | |
260 | commands.append(args.command) | |
261 | elif args.resource: | |
262 | commands.append("resource " + args.resource) | |
263 | ||
264 | commands.append("\r\n") | |
265 | cscan.run_commands(commands) | |
266 | cscan.wait_for_jobs() | |
267 | ||
268 | if os.environ.get("CS_MSF_EXPORT") == "enabled" and args.output: | |
269 | cscan.export_current_ws(args.output) | |
270 | ||
271 | cscan.destroy_console() | |
272 | ||
273 | if tmp_ws: | |
274 | cscan.set_ws(current_ws) | |
275 | cscan.destroy_ws(tmp_ws) | |
276 | ||
277 | if __name__ == "__main__": | |
278 | main() | |
279 | # I'm Py3⏎ |
0 | #!/usr/bin/env python3 | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | import requests | |
7 | import json | |
8 | import time | |
9 | import sys | |
10 | import argparse | |
11 | import os | |
12 | from faraday.server.config import CONST_FARADAY_HOME_PATH | |
13 | from faraday.server.config import FARADAY_BASE | |
14 | ||
15 | my_env = os.environ | |
16 | ||
17 | url = my_env["CS_NESSUS_URL"] if 'CS_NESSUS_URL' in my_env else "https://192.168.10.230:8834" | |
18 | username = my_env["CS_NESSUS_USER"] if 'CS_NESSUS_USER' in my_env else "cscan" | |
19 | password = my_env["CS_NESSUS_PASS"] if 'CS_NESSUS_PASS' in my_env else "XqjympHtrvVU22xtK5ZZ" | |
20 | profile = my_env["CS_NESSUS_PROFILE"] if 'CS_NESSUS_PROFILE' in my_env else "Basic Network Scan" | |
21 | ||
22 | verify = False | |
23 | token = '' | |
24 | ||
25 | import urllib3 | |
26 | urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) | |
27 | ||
28 | ||
29 | def build_url(resource): | |
30 | return '{0}{1}'.format(url, resource) | |
31 | ||
32 | ||
33 | def connect(method, resource, data=None): | |
34 | """ | |
35 | Send a request | |
36 | ||
37 | Send a request to Nessus based on the specified data. If the session token | |
38 | is available add it to the request. Specify the content type as JSON and | |
39 | convert the data to JSON format. | |
40 | """ | |
41 | headers = {'X-Cookie': 'token={0}'.format(token), | |
42 | 'content-type': 'application/json'} | |
43 | ||
44 | data = json.dumps(data) | |
45 | ||
46 | if method == 'POST': | |
47 | r = requests.post(build_url(resource), data=data, headers=headers, verify=verify) | |
48 | elif method == 'PUT': | |
49 | r = requests.put(build_url(resource), data=data, headers=headers, verify=verify) | |
50 | elif method == 'DELETE': | |
51 | r = requests.delete(build_url(resource), data=data, headers=headers, verify=verify) | |
52 | else: | |
53 | r = requests.get(build_url(resource), params=data, headers=headers, verify=verify) | |
54 | ||
55 | # Exit if there is an error. | |
56 | if r.status_code != 200: | |
57 | e = r.json() | |
58 | print(e['error']) | |
59 | sys.exit() | |
60 | ||
61 | # When downloading a scan we need the raw contents not the JSON data. | |
62 | if 'download' in resource: | |
63 | return r.content | |
64 | else: | |
65 | try: | |
66 | return r.json() | |
67 | except: | |
68 | pass | |
69 | ||
70 | ||
71 | def login(usr, pwd): | |
72 | """ | |
73 | Login to nessus. | |
74 | """ | |
75 | login = {'username': usr, 'password': pwd} | |
76 | data = connect('POST', '/session', data=login) | |
77 | ||
78 | return data['token'] | |
79 | ||
80 | ||
81 | def logout(): | |
82 | """ | |
83 | Logout of nessus. | |
84 | """ | |
85 | ||
86 | connect('DELETE', '/session') | |
87 | ||
88 | ||
89 | def get_policies(): | |
90 | """ | |
91 | Get scan policies | |
92 | ||
93 | Get all of the scan policies but return only the title and the uuid of | |
94 | each policy. | |
95 | """ | |
96 | ||
97 | data = connect('GET', '/editor/policy/templates') | |
98 | ||
99 | return dict((p['title'], p['uuid']) for p in data['templates']) | |
100 | ||
101 | ||
102 | def get_history_ids(sid): | |
103 | """ | |
104 | Get history ids | |
105 | ||
106 | Create a dictionary of scan uuids and history ids so we can lookup the | |
107 | history id by uuid. | |
108 | """ | |
109 | data = connect('GET', '/scans/{0}'.format(sid)) | |
110 | ||
111 | return dict((h['uuid'], h['history_id']) for h in data['history']) | |
112 | ||
113 | ||
114 | def get_scan_history(sid, hid): | |
115 | """ | |
116 | Scan history details | |
117 | ||
118 | Get the details of a particular run of a scan. | |
119 | """ | |
120 | params = {'history_id': hid} | |
121 | data = connect('GET', '/scans/{0}'.format(sid), params) | |
122 | ||
123 | return data['info'] | |
124 | ||
125 | ||
126 | def add(name, desc, targets, pid): | |
127 | """ | |
128 | Add a new scan | |
129 | ||
130 | Create a new scan using the policy_id, name, description and targets. The | |
131 | scan will be created in the default folder for the user. Return the id of | |
132 | the newly created scan. | |
133 | """ | |
134 | ||
135 | scan = {'uuid': pid, | |
136 | 'settings': { | |
137 | 'name': name, | |
138 | 'description': desc, | |
139 | 'text_targets': targets} | |
140 | } | |
141 | ||
142 | data = connect('POST', '/scans', data=scan) | |
143 | ||
144 | return data['scan'] | |
145 | ||
146 | ||
147 | def update(scan_id, name, desc, targets, pid=None): | |
148 | """ | |
149 | Update a scan | |
150 | ||
151 | Update the name, description, targets, or policy of the specified scan. If | |
152 | the name and description are not set, then the policy name and description | |
153 | will be set to None after the update. In addition the targets value must | |
154 | be set or you will get an "Invalid 'targets' field" error. | |
155 | """ | |
156 | ||
157 | scan = {} | |
158 | scan['settings'] = {} | |
159 | scan['settings']['name'] = name | |
160 | scan['settings']['desc'] = desc | |
161 | scan['settings']['text_targets'] = targets | |
162 | ||
163 | if pid is not None: | |
164 | scan['uuid'] = pid | |
165 | ||
166 | data = connect('PUT', '/scans/{0}'.format(scan_id), data=scan) | |
167 | ||
168 | return data | |
169 | ||
170 | ||
171 | def launch(sid): | |
172 | """ | |
173 | Launch a scan | |
174 | ||
175 | Launch the scan specified by the sid. | |
176 | """ | |
177 | ||
178 | data = connect('POST', '/scans/{0}/launch'.format(sid)) | |
179 | ||
180 | return data['scan_uuid'] | |
181 | ||
182 | ||
183 | def status(sid, hid): | |
184 | """ | |
185 | Check the status of a scan run | |
186 | ||
187 | Get the historical information for the particular scan and hid. Return | |
188 | the status if available. If not return unknown. | |
189 | """ | |
190 | ||
191 | d = get_scan_history(sid, hid) | |
192 | return d['status'] | |
193 | ||
194 | ||
195 | def export_status(sid, fid): | |
196 | """ | |
197 | Check export status | |
198 | ||
199 | Check to see if the export is ready for download. | |
200 | """ | |
201 | ||
202 | data = connect('GET', '/scans/{0}/export/{1}/status'.format(sid, fid)) | |
203 | ||
204 | return data['status'] == 'ready' | |
205 | ||
206 | ||
207 | def export(sid): | |
208 | """ | |
209 | Make an export request | |
210 | ||
211 | Request an export of the scan results for the specified scan and | |
212 | historical run. In this case the format is hard coded as nessus but the | |
213 | format can be any one of nessus, html, pdf, csv, or db. Once the request | |
214 | is made, we have to wait for the export to be ready. | |
215 | """ | |
216 | ||
217 | data = {'format': 'nessus'} | |
218 | ||
219 | data = connect('POST', '/scans/{0}/export'.format(sid), data=data) | |
220 | ||
221 | fid = data['file'] | |
222 | ||
223 | while export_status(sid, fid) is False: | |
224 | time.sleep(5) | |
225 | ||
226 | return fid | |
227 | ||
228 | ||
229 | def download(sid, fid, output=None): | |
230 | """ | |
231 | Download the scan results | |
232 | ||
233 | Download the scan results stored in the export file specified by fid for | |
234 | the scan specified by sid. | |
235 | """ | |
236 | ||
237 | data = connect('GET', '/scans/{0}/export/{1}/download'.format(sid, fid)) | |
238 | # For version 7, use the nessus scan Id to avoid overwrite the output file | |
239 | if not output: | |
240 | print('Using Nessus 7. Ignore --output. This is normal.') | |
241 | report_path = FARADAY_BASE / 'scripts' / 'cscan' / 'output' / \ | |
242 | f'nessus_{sid}.xml' | |
243 | if not report_path.exists(): | |
244 | with report_path.open('w') as report: | |
245 | print('Saving scan results to {0}.'.format(report_path)) | |
246 | report.write(data) | |
247 | ||
248 | else: | |
249 | print('Saving scan results to {0}.'.format(output)) | |
250 | with open(output, 'w') as report: | |
251 | report.write(data) | |
252 | ||
253 | ||
254 | def delete(sid): | |
255 | """ | |
256 | Delete a scan | |
257 | ||
258 | This deletes a scan and all of its associated history. The scan is not | |
259 | moved to the trash folder, it is deleted. | |
260 | """ | |
261 | ||
262 | connect('DELETE', '/scans/{0}'.format(scan_id)) | |
263 | ||
264 | ||
265 | def history_delete(sid, hid): | |
266 | """ | |
267 | Delete a historical scan. | |
268 | ||
269 | This deletes a particular run of the scan and not the scan itself. the | |
270 | scan run is defined by the history id. | |
271 | """ | |
272 | ||
273 | connect('DELETE', '/scans/{0}/history/{1}'.format(sid, hid)) | |
274 | ||
275 | def get_scans(): | |
276 | scan_list = [] | |
277 | data = connect('GET','/scans') | |
278 | for scans in data['scans']: | |
279 | scans_info = {} | |
280 | scans_info['id'] = scans['id'] | |
281 | scans_info['creation_date'] = scans['creation_date'] | |
282 | scan_list.append(scans_info) | |
283 | ||
284 | scan_list = sorted(scan_list,key=lambda scan:scan['creation_date']) | |
285 | return scan_list | |
286 | ||
287 | def get_date(): | |
288 | with (CONST_FARADAY_HOME_PATH/'cscan'/'date.txt').open('r') as date_file: | |
289 | date = date_file.read() | |
290 | try: | |
291 | date = int(date) | |
292 | except ValueError: | |
293 | # Default date: September 3, 2018 20:45 (GMT) | |
294 | return 1536007534 | |
295 | ||
296 | return date | |
297 | ||
298 | def set_date(date): | |
299 | with (CONST_FARADAY_HOME_PATH/'cscan'/'date.txt').open('w') as date_file: | |
300 | date_file.write(str(date)) | |
301 | ||
302 | def get_version(): | |
303 | data = connect('GET','/server/properties') | |
304 | return int(data['nessus_ui_version'][0]) | |
305 | ||
306 | ||
307 | def create_directory(): | |
308 | if not (CONST_FARADAY_HOME_PATH / 'cscan').exists(): | |
309 | (CONST_FARADAY_HOME_PATH / 'cscan').mkdir() | |
310 | if not (CONST_FARADAY_HOME_PATH / 'cscan' / 'date.txt').exists(): | |
311 | (CONST_FARADAY_HOME_PATH /'cscan' / 'date.txt').open('w').close() | |
312 | ||
313 | if __name__ == "__main__": | |
314 | parser = argparse.ArgumentParser(description='nessus_client is develop for automating security testing') | |
315 | parser.add_argument('-t', '--target', help='Network or Host for scan', required=False) | |
316 | parser.add_argument('-o', '--output', help='Output file', required=False) | |
317 | args = parser.parse_args() | |
318 | # Review de Command input | |
319 | if args.target is None or args.output is None: | |
320 | print("Argument errors check -h") | |
321 | exit(0) | |
322 | ||
323 | print('Login') | |
324 | try: | |
325 | token = login(username, password) | |
326 | except: | |
327 | print("Unexpected error:", sys.exc_info()[0]) | |
328 | raise | |
329 | ||
330 | version = get_version() | |
331 | if version < 7 : | |
332 | #For Nessus <7 | |
333 | print('Adding new scan.' + token) | |
334 | print(args.target) | |
335 | ||
336 | policies = get_policies() | |
337 | policy_id = policies[profile] | |
338 | scan_data = add('CScan nessus', 'Create a new scan with API', args.target, policy_id) | |
339 | scan_id = scan_data['id'] | |
340 | ||
341 | print('Launching new scan.') | |
342 | scan_uuid = launch(scan_id) | |
343 | history_ids = get_history_ids(scan_id) | |
344 | history_id = history_ids[scan_uuid] | |
345 | while status(scan_id, history_id) not in ('completed', 'canceled'): | |
346 | time.sleep(5) | |
347 | ||
348 | print('Exporting the completed scan.') | |
349 | file_id = export(scan_id) | |
350 | download(scan_id, file_id, args.output) | |
351 | ||
352 | print('Deleting the scan.') | |
353 | history_delete(scan_id, history_id) | |
354 | delete(scan_id) | |
355 | ||
356 | else: | |
357 | #For Nessus >7 | |
358 | create_directory() | |
359 | scans = get_scans() | |
360 | date = get_date() | |
361 | for scan in scans: | |
362 | if scan['creation_date'] > date: | |
363 | set_date(scan['creation_date']) | |
364 | print('Downloading scan. Id: {0}'.format(scan['id'])) | |
365 | file_id = export(scan['id']) | |
366 | download(scan['id'], file_id) | |
367 | else: | |
368 | print('Scan up to date. Id: {0}'.format(scan['id'])) | |
369 | ||
370 | print('Logout') | |
371 | logout()# I'm Py3 |
0 | #!/usr/bin/env python3 | |
1 | ||
2 | # Faraday Penetration Test IDE | |
3 | # Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | # See the file 'doc/LICENSE' for the license information | |
5 | ||
6 | ||
7 | from w3af_api_client import Connection, Scan | |
8 | import subprocess | |
9 | import os | |
10 | import argparse | |
11 | import time | |
12 | import signal | |
13 | from pprint import pprint | |
14 | import atexit | |
15 | child_pid = None | |
16 | ||
17 | ||
18 | def kill_child(): | |
19 | global child_pid | |
20 | if child_pid is None: | |
21 | pass | |
22 | else: | |
23 | os.kill(child_pid, signal.SIGTERM) | |
24 | ||
25 | ||
26 | def main(): | |
27 | atexit.register(kill_child) | |
28 | ||
29 | my_env = os.environ | |
30 | cmd = my_env["CS_W3AF"] if 'CS_W3AF' in my_env else "/root/tools/w3af/w3af_api" | |
31 | profile = my_env["CS_W3AF_PROFILE"] if 'CS_W3AF_PROFILE' in my_env else "/root/tools/w3af/profiles/fast_scan.pw3af" | |
32 | ||
33 | # Parser argument in command line | |
34 | parser = argparse.ArgumentParser(description='w3af_client is develop for automating security testing') | |
35 | parser.add_argument('-t', '--target', help='Network or Host for scan', required=False) | |
36 | parser.add_argument('-o', '--output', help='Output file', required=False) | |
37 | args = parser.parse_args() | |
38 | ||
39 | if args.target is None or args.output is None: | |
40 | print("Argument errors check -h") | |
41 | exit(0) | |
42 | ||
43 | print('Starting w3af api ...') | |
44 | global child_pid | |
45 | proc = subprocess.Popen([cmd]) | |
46 | child_pid = proc.pid | |
47 | ||
48 | print('Waiting for W3af to load, 5 seconds ...') | |
49 | time.sleep(5) | |
50 | ||
51 | # Connect to the REST API and get it's version | |
52 | conn = Connection('http://127.0.0.1:5000/') | |
53 | print(conn.get_version()) | |
54 | ||
55 | # Define the target and configuration | |
56 | # scan_profile = file('/root/tools/w3af/profiles/fast_scan_xml.pw3af').read() | |
57 | with open(profile, "r") as scan_profile_file: | |
58 | scan_profile = "[output.xml_file]\noutput_file = %s\n%s\n" % (args.output, scan_profile_file.read()) | |
59 | # scan_profile = file('/root/tools/w3af/profiles/fast_scan.pw3af').read() | |
60 | ||
61 | target_urls = [args.target] | |
62 | ||
63 | scan = Scan(conn) | |
64 | s = scan.start(scan_profile, target_urls) | |
65 | time.sleep(2) | |
66 | ||
67 | # Wait some time for the scan to start and then | |
68 | scan.get_urls() | |
69 | scan.get_log() | |
70 | scan.get_findings() | |
71 | ||
72 | while(scan.get_status()['status'] == "Running"): | |
73 | print('Scan progress: %s' + str(scan.get_status()['rpm'])) | |
74 | time.sleep(2) | |
75 | ||
76 | if __name__ == "__main__": | |
77 | main() | |
78 | # I'm Py3⏎ |
0 | #!/usr/bin/env python3 | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | ''' | |
8 | By tartamar | |
9 | ''' | |
10 | ||
11 | from builtins import input | |
12 | ||
13 | import argparse | |
14 | import time | |
15 | import re | |
16 | from pprint import pprint | |
17 | from zapv2 import ZAPv2 | |
18 | import subprocess | |
19 | import os | |
20 | import signal | |
21 | import atexit | |
22 | child_pid = None | |
23 | ||
24 | ||
25 | def kill_child(): | |
26 | global child_pid | |
27 | if child_pid is None: | |
28 | pass | |
29 | else: | |
30 | os.kill(child_pid, signal.SIGTERM) | |
31 | ||
32 | ||
33 | def is_http_url(page): | |
34 | """ | |
35 | Returns true if s is valid http url, else false | |
36 | Arguments: | |
37 | - `page`: | |
38 | """ | |
39 | if re.findall('http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', page): | |
40 | return True | |
41 | else: | |
42 | return False | |
43 | ||
44 | ||
45 | def exportfile(filename,zap): | |
46 | ||
47 | #Output for XML Report | |
48 | print('Generating XML Report...') | |
49 | filex = open(filename, 'w') | |
50 | filex.write(zap.core.xmlreport) | |
51 | filex.close() | |
52 | ||
53 | ||
54 | def main(): | |
55 | ||
56 | atexit.register(kill_child) | |
57 | ||
58 | my_env = os.environ | |
59 | cmd = my_env["CS_ZAP"] if 'CS_ZAP' in my_env else "/usr/share/zaproxy/zap.sh" | |
60 | ||
61 | # Parser argument in command line | |
62 | parser = argparse.ArgumentParser(description='PyZap is develop for automating security testing') | |
63 | parser.add_argument('-t', '--target', help='Network or Host for scan', required=False) | |
64 | parser.add_argument('-o', '--output', help='Output file', required=False) | |
65 | args = parser.parse_args() | |
66 | ||
67 | # Review de Command input | |
68 | if args.target is None: | |
69 | # Do nothing | |
70 | # Input data for test | |
71 | target = input('[+] Enter your target: ') | |
72 | if is_http_url(target) is True: | |
73 | print('[-] Target selected: ', target) | |
74 | else: | |
75 | print('[w] Please type a correct URL address') | |
76 | quit() | |
77 | else: | |
78 | # Check for valid URL addres | |
79 | if is_http_url(args.target) is True: | |
80 | target = args.target | |
81 | print('[-] Target selected: ', target) | |
82 | else: | |
83 | print('[w] Please type a correct URL Address') | |
84 | quit() | |
85 | print('Starting ZAP ...') | |
86 | ||
87 | global child_pid | |
88 | proc = subprocess.Popen([cmd, '-daemon']) | |
89 | child_pid = proc.pid | |
90 | ||
91 | print('Waiting for ZAP to load, 10 seconds ...') | |
92 | time.sleep(10) | |
93 | zap = ZAPv2() | |
94 | # Use the line below if ZAP is not listening on 8090 | |
95 | zap = ZAPv2(proxies={'http': 'http://127.0.0.1:8080', 'https': 'http://127.0.0.1:8080'}) | |
96 | ||
97 | # do stuff | |
98 | print('Accessing target %s' % target) | |
99 | # try have a unique enough session... | |
100 | zap.urlopen(target) | |
101 | # Give the sites tree a chance to get updated | |
102 | time.sleep(2) | |
103 | ||
104 | print('Spidering target %s' % target) | |
105 | print(target) | |
106 | zap.spider.scan(target) | |
107 | # Give the Spider a chance to start | |
108 | time.sleep(2) | |
109 | # print 'Status %s' % zap.spider.status | |
110 | while(int(zap.spider.status) < 100): | |
111 | print('Spider progress %: ' + zap.spider.status) | |
112 | time.sleep(2) | |
113 | ||
114 | print('Spider completed') | |
115 | # Give the passive scanner a chance to finish | |
116 | time.sleep(5) | |
117 | ||
118 | print('Scanning target %s' % target) | |
119 | zap.ascan.scan(target) | |
120 | while(int(zap.ascan.status) < 100): | |
121 | print('Scan progress %: ' + zap.ascan.status) | |
122 | time.sleep(5) | |
123 | ||
124 | print('Scan completed') | |
125 | ||
126 | # Report the results | |
127 | ||
128 | print('Hosts: ' + ', '.join(zap.core.hosts)) | |
129 | # print 'Alerts: ' | |
130 | # pprint (zap.core.alerts()) | |
131 | # pprint (zap.core.xmlreport()) | |
132 | exportfile(args.output,zap) | |
133 | ||
134 | print('Shutting down ZAP ...') | |
135 | zap.core.shutdown | |
136 | #EOF | |
137 | ||
138 | if __name__ == "__main__": | |
139 | main() | |
140 | # I'm Py3⏎ |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource auto_cred_checker.rc \ | |
14 | --options THREADS=100 | |
15 | ||
16 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource auto_brute.rc \ | |
14 | --options THREADS=100 | |
15 | ||
16 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | modules_file=msf-modules.txt | |
4 | ||
5 | if ! test -f $xml; then | |
6 | echo XML file $xml not found | |
7 | exit 1 | |
8 | elif ! test -f $modules_file; then | |
9 | echo no modules file found | |
10 | exit 2 | |
11 | fi | |
12 | ||
13 | while read m; do | |
14 | NAME="$(date +%s)-$(basename $0)" | |
15 | echo "Run msfrpc plugin.." | |
16 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
17 | --log $(realpath $3$NAME.log) \ | |
18 | --xml $xml \ | |
19 | --resource autoexploit.rc \ | |
20 | --options MODE=check:MODULE=$m | |
21 | done <$modules_file |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | modules_file=msf-modules.txt | |
4 | ||
5 | if ! test -f $xml; then | |
6 | echo XML file $xml not found | |
7 | exit 1 | |
8 | elif ! test -f $modules_file; then | |
9 | echo no modules file found | |
10 | exit 2 | |
11 | fi | |
12 | ||
13 | while read m; do | |
14 | NAME="$(date +%s)-$(basename $0)" | |
15 | echo "Run msfrpc plugin.." | |
16 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
17 | --log $(realpath $3$NAME.log) \ | |
18 | --xml $xml \ | |
19 | --resource autoexploit.rc \ | |
20 | --options MODE=dry:MODULE=$m | |
21 | done <$modules_file |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | modules_file=msf-modules.txt | |
4 | ||
5 | if ! test -f $xml; then | |
6 | echo XML file $xml not found | |
7 | exit 1 | |
8 | elif ! test -f $modules_file; then | |
9 | echo no modules file found | |
10 | exit 2 | |
11 | fi | |
12 | ||
13 | while read m; do | |
14 | NAME="$(date +%s)-$(basename $0)" | |
15 | echo "Run msfrpc plugin.." | |
16 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
17 | --log $(realpath $3$NAME.log) \ | |
18 | --xml $xml \ | |
19 | --resource autoexploit.rc \ | |
20 | --options MODE=exploit:MODULE=$m | |
21 | done <$modules_file |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource $(realpath scripts/resources/autosploit.rc) \ | |
14 | --options THREADS=100:TARGET_PLATFORM=aix,android,bsdi,dialup,firefox,freebsd,hpux,irix,linux,mainframe,multi,netware,solaris,unix,windows:BLACKLIST=freebsd/samba/trans2open,linux/samba/trans2open,osx/samba/trans2open,solaris/samba/trans2open | |
15 | ||
16 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | modules_file=msf-modules.txt | |
3 | if ! test -f $modules_file; then | |
4 | echo no modules file found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | while read h; do | |
9 | NAME="$(date +%s)-$(basename $0)-$h" | |
10 | echo "Run msfrpc plugin.." | |
11 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
12 | --log $(realpath $3$NAME.log) \ | |
13 | --modules $(sed ':a;N;$!ba;s/\n/,/g' $modules_file) \ | |
14 | --options RHOSTS=$h:RHOST=$h \ | |
15 | --command=run | |
16 | done <$1 |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource mssql_brute.rc \ | |
14 | --options THREADS=100 | |
15 | ||
16 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --resource nessus_vulns_cleaner.rc \ | |
13 | --xml $xml | |
14 | ||
15 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) | |
12 | --resource port_cleaner.rc \ | |
13 | --xml $xml | |
14 | ||
15 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource $(realpath scripts/resources/autoscan.rc) \ | |
14 | --options MAX_LEN=100:THREADS=100:BLACKLIST=scanner/telnet/brocade_enable_login,scanner/rogue/rogue_recv \ | |
15 | --quiet | |
16 | ||
17 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | NAME="$(date +%s)-$(basename $0)" | |
3 | echo "Run msfrpc plugin.." | |
4 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
5 | --log $(realpath $3$NAME.log) \ | |
6 | --resource basic_discovery.rc \ | |
7 | --options THREADS=100:NMAP=true:NMAPOPTS="$CS_NMAP_ARGS":RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1) | |
8 | ||
9 | cp $2$NAME.xml msf-workspace.xml |
0 | #!/bin/bash | |
1 | ||
2 | NAME="$(date +%s)-$(basename $0)" | |
3 | echo "Run msfrpc plugin.." | |
4 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
5 | --log $(realpath $3$NAME.log) \ | |
6 | --resource basic_discovery.rc \ | |
7 | --options THREADS=100:NMAP=false:RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1) | |
8 | ||
9 | cp $2$NAME.xml msf-workspace.xml |
0 | #!/bin/bash | |
1 | ||
2 | NAME="$(date +%s)-$(basename $0)" | |
3 | echo "Run msfrpc plugin.." | |
4 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
5 | --log $(realpath $3$NAME.log) \ | |
6 | --resource portscan.rc \ | |
7 | --options THREADS=100:NMAP=true:NMAPOPTS=$CS_NMAP_ARGS:RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1) | |
8 | ||
9 | cp $2$NAME.xml msf-workspace.xml |
0 | #!/bin/bash | |
1 | ||
2 | NAME="$(date +%s)-$(basename $0)" | |
3 | echo "Run msfrpc plugin.." | |
4 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
5 | --log $(realpath $3$NAME.log) \ | |
6 | --resource portscan.rc \ | |
7 | --options THREADS=100:NMAP=false:RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1) | |
8 | ||
9 | cp $2$NAME.xml msf-workspace.xml |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | while read h; do | |
8 | NAME="nessus_$(date +%s).xml" | |
9 | echo plugin/nessus.py --target $h --output $2$NAME | |
10 | ./plugin/nessus.py --target $h --output $2$NAME | |
11 | done <$1 |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | NAME="nmap_$(date +%s).xml" | |
8 | ${CS_NMAP:=nmap} $CS_NMAP_ARGS -iL $1 -oX $2$NAME |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | # ------------- | |
8 | # CONFIG PARAMS | |
9 | # ------------- | |
10 | # Your Dashboard login data | |
11 | USER_NAME=${CS_OPENVAS_USER:=admin} | |
12 | # If you set this to None, you will be asked on startup | |
13 | USER_PASSWORD=${CS_OPENVAS_PASSWORD:=openvas} | |
14 | ||
15 | # Your targets, seperated by space | |
16 | #TARGET_SRVS="localhost" | |
17 | # The name of the OpenVAS preset for the scan | |
18 | # The following configs are available by default: | |
19 | # Discovery | |
20 | # empty | |
21 | # Full and fast | |
22 | # Full and fast ultimate | |
23 | # Full and very deep | |
24 | # Full and very deep ultimate | |
25 | # Host Discovery | |
26 | # System Discovery | |
27 | SCAN_CONFIG=${CS_OPENVAS_SCAN_CONFIG:='Full and fast'} | |
28 | # A valid "alive_test" parameter | |
29 | # Defines how it is determined if the targets are alive | |
30 | # Currently, valid values are the following: | |
31 | # Scan Config Default | |
32 | # ICMP, TCP-ACK Service & ARP Ping | |
33 | # TCP-ACK Service & ARP Ping | |
34 | # ICMP & ARP Ping | |
35 | # ICMP & TCP-ACK Service Ping | |
36 | # ARP Ping | |
37 | # TCP-ACK Service Ping | |
38 | # TCP-SYN Service Ping | |
39 | # ICMP Ping | |
40 | # Consider Alive | |
41 | ALIVE_TEST=${CS_OPENVAS_ALIVE_TEST:='ICMP, TCP-ACK Service & ARP Ping'} | |
42 | ||
43 | CS_OMP=${CS_OPENVAS:=omp} | |
44 | ||
45 | ||
46 | function fail { | |
47 | echo "There was an error during execution! Current action: $1" | |
48 | exit 1 | |
49 | } | |
50 | ||
51 | function sindex { | |
52 | x="${1%%$2*}" | |
53 | [[ $x = $1 ]] && echo -1 || echo ${#x} | |
54 | } | |
55 | ||
56 | ||
57 | THREAT=0 | |
58 | ADDRS="" | |
59 | SRV=$1 | |
60 | ||
61 | while read h; do | |
62 | ||
63 | echo "Processing target $h..." | |
64 | ||
65 | echo $CS_OMP -u $USER_NAME -w $USER_PASSWORD --xml=\ | |
66 | "<create_target>\ | |
67 | <name>TARG$(date +%s)</name><hosts>$h</hosts>\ | |
68 | <alive_tests>$ALIVE_TEST</alive_tests>\ | |
69 | </create_target>" | |
70 | ||
71 | TARGET_RETURN=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD --xml=\ | |
72 | "<create_target>\ | |
73 | <name>TARG$(date +%s)</name><hosts>$h</hosts>\ | |
74 | <alive_tests>$ALIVE_TEST</alive_tests>\ | |
75 | </create_target>") | |
76 | echo "$TARGET_RETURN" | grep -m1 'resource created' || fail 'creating target' | |
77 | ||
78 | T_ID_INDEX=$(sindex "$TARGET_RETURN" "id=") | |
79 | T_ID_INDEX=$((T_ID_INDEX + 4)) | |
80 | T_ID=${TARGET_RETURN:T_ID_INDEX:36} | |
81 | echo "> Target has ID $T_ID" | |
82 | ||
83 | C_ID=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -g | grep -i "$TEST_CONFIG") | |
84 | if [ $? -ne 0 ]; then fail 'getting configs'; fi | |
85 | ||
86 | C_ID=${C_ID:0:36} | |
87 | echo "> Config $TEST_CONFIG has ID $C_ID" | |
88 | ||
89 | J_ID=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -C -n "CScan openvas" \ | |
90 | --target="$T_ID" --config="$C_ID") | |
91 | if [ $? -ne 0 ]; then fail 'creating job'; fi | |
92 | echo "> Created job with ID $J_ID" | |
93 | ||
94 | R_ID=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -S "$J_ID") | |
95 | if [ $? -ne 0 ]; then fail 'starting job'; fi | |
96 | echo "> Started job, report gets ID $R_ID" | |
97 | ||
98 | while true; do | |
99 | RET=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -G) | |
100 | if [ $? -ne 0 ]; then fail 'querying jobs'; fi | |
101 | RET=$(echo "$RET" | grep -m1 "$J_ID") | |
102 | echo $RET | |
103 | echo "$RET" | grep -m1 -i "fail" && fail 'running job' | |
104 | echo "$RET" | grep -m1 -i -E "done|Stopped" && break | |
105 | sleep 1 | |
106 | done | |
107 | ||
108 | echo "> Job done, generating report..." | |
109 | ||
110 | FILENAME=${h// /_} | |
111 | FILENAME="openvas_${FILENAME//[^a-zA-Z0-9_\.\-]/}_$(date +%s)" | |
112 | $CS_OMP -u $USER_NAME -w $USER_PASSWORD -R "$R_ID" > $2$FILENAME.xml | |
113 | if [ $? -ne 0 ]; then fail 'getting report'; fi | |
114 | ||
115 | echo "Scan done" | |
116 | ||
117 | echo "Remove task" | |
118 | $CS_OMP -u $USER_NAME -w $USER_PASSWORD -D "$J_ID" | |
119 | ||
120 | ||
121 | done <$1 |
0 | # autoscan.rc | |
1 | # Author: Sliim (Github: @Sliim / Twitter: @_Sliim_) | |
2 | ||
3 | # This Metasploit resource script will run several auxiliary scanners | |
4 | # against present hosts in current workspace. It get all services for | |
5 | # all hosts, and try to find auxiliary modules starting with `scanner/` | |
6 | # where default RPORT option match with a service. | |
7 | # We can blacklist some modules we don't want, the BLACKLIST option | |
8 | # is a comma separated list of module to disable. | |
9 | ||
10 | <ruby> | |
11 | begin | |
12 | framework.db.hosts | |
13 | rescue ::ActiveRecord::ConnectionNotEstablished | |
14 | print_error("Database connection isn't established") | |
15 | return | |
16 | end | |
17 | ||
18 | # Check for blacklisted modules | |
19 | blacklist = [] | |
20 | if (framework.datastore['BLACKLIST'] != nil) | |
21 | blacklist = framework.datastore['BLACKLIST'].split(',') | |
22 | end | |
23 | ||
24 | scanners = {} | |
25 | count = 0 | |
26 | ran = 0 | |
27 | ||
28 | print_status("Getting scanners list, this may take a while...") | |
29 | framework.db.hosts.each do |host| | |
30 | port_list = [] | |
31 | scanners[host.address] = [] | |
32 | print_status("Host: #{host.address} - #{host.os_name}") | |
33 | print_status("Services: ") | |
34 | host.services.each do |serv| | |
35 | next if not serv.host | |
36 | next if (serv.state != Msf::ServiceState::Open) | |
37 | print_status("> :#{serv.port.to_i} - #{serv.proto} - #{serv.name}") | |
38 | port_list << serv.port.to_i if not port_list.include? serv.port.to_i | |
39 | end | |
40 | ||
41 | framework.modules.auxiliary.each do |name, mod| | |
42 | next if blacklist.include? name | |
43 | next if not name.starts_with? "scanner/" | |
44 | next unless mod | |
45 | m = mod.new | |
46 | next unless m.datastore.has_key? 'RPORT' | |
47 | if port_list.include? m.datastore['RPORT'].to_i | |
48 | scanners[host.address] << name | |
49 | count += 1 | |
50 | end | |
51 | end | |
52 | end | |
53 | ||
54 | print_status("Ok! Launching #{count} scanners..") | |
55 | scanners.each do |host, s| | |
56 | s.each do |scanner| | |
57 | print_line("[#{ran+1}/#{count}] Deploying auxiliary #{scanner} against #{host}") | |
58 | run_single("use #{scanner}") | |
59 | run_single("set RHOSTS #{host}") | |
60 | run_single("show options") | |
61 | run_single("run") | |
62 | ran += 1 | |
63 | end | |
64 | end | |
65 | ||
66 | print_status("Done. Deployed #{ran} scanners.") | |
67 | </ruby> |
0 | # autosploit.rc | |
1 | # Author: Sliim (Github: @Sliim / Twitter: @_Sliim_) | |
2 | ||
3 | # This Metasploit resource script will run several exploits against | |
4 | # present hosts in current workspace. It get all services for all hosts, | |
5 | # and try to find exploits where default RPORT option match with a service. | |
6 | # We can blacklist some modules we don't want, the BLACKLIST option is a | |
7 | # comma separated list of module to disable. | |
8 | # The TARGET_PLATFORM option can be used to define which platform we target | |
9 | # (ex: if all hosts are linux os, no need to launch windows exploits). | |
10 | # Tested on metasploitable 2. Got 6/7 shells without effort :) | |
11 | ||
12 | <ruby> | |
13 | begin | |
14 | framework.db.hosts | |
15 | rescue ::ActiveRecord::ConnectionNotEstablished | |
16 | print_error("Database connection isn't established") | |
17 | return | |
18 | end | |
19 | ||
20 | # Check for target platform list | |
21 | if (framework.datastore['TARGET_PLATFORM'] == nil) | |
22 | run_single("setg TARGET_PLATFORM aix,android,apple_ios,bsdi,dialup,firefox,freebsd,hpux,irix,linux,mainframe,multi,netware,osx,solaris,unix,windows") | |
23 | end | |
24 | ||
25 | # Check for blacklisted modules | |
26 | blacklist = [] | |
27 | if (framework.datastore['BLACKLIST'] != nil) | |
28 | blacklist = framework.datastore['BLACKLIST'].split(',') | |
29 | end | |
30 | ||
31 | sploits = {} | |
32 | count = 0 | |
33 | ran = 0 | |
34 | ||
35 | print_status("Getting vulns list, this may take a while...") | |
36 | framework.db.hosts.each do |host| | |
37 | port_list = [] | |
38 | sploits[host.address] = [] | |
39 | print_status("Host: #{host.address} - #{host.os_name}") | |
40 | print_status("Services: ") | |
41 | host.services.each do |serv| | |
42 | next if not serv.host | |
43 | next if (serv.state != Msf::ServiceState::Open) | |
44 | print_status("> :#{serv.port} - #{serv.proto} - #{serv.name}") | |
45 | port_list << serv.port.to_i if not port_list.include? serv.port.to_i | |
46 | end | |
47 | ||
48 | framework.modules.exploits.each do |name, mod| | |
49 | next if not framework.datastore['TARGET_PLATFORM'].split(',').include? name.split('/')[0] | |
50 | next if blacklist.include? name | |
51 | ||
52 | # TODO Improve platform detection / exploit selection | |
53 | if host.os_name | |
54 | next if name.split('/')[0] == 'windows' && ! host.os_name.match(/Windows/) | |
55 | next if name.split('/')[0] != 'windows' && host.os_name.match(/Windows/) | |
56 | end | |
57 | next unless mod | |
58 | m = mod.new | |
59 | next unless m.datastore.has_key? 'RPORT' | |
60 | if port_list.include? m.datastore['RPORT'].to_i | |
61 | sploits[host.address] << name | |
62 | count += 1 | |
63 | end | |
64 | end | |
65 | end | |
66 | ||
67 | print_status("Ok dude! I found #{count} matching sploits! #{'Take a beer!' if count > 100}") | |
68 | ||
69 | sploits.each do |host, s| | |
70 | s.each do |sploit| | |
71 | print_status("[#{ran+1}/#{count}] Deploying exploit #{sploit} against #{host}") | |
72 | run_single("use #{sploit}") | |
73 | run_single("set RHOST #{host}") | |
74 | run_single("set LPORT #{4444 + rand(65535-44444)}") | |
75 | run_single("show options") | |
76 | run_single("exploit -z") | |
77 | ran += 1 | |
78 | print_status('Take another beer ;)') if ran % 100 == 0 | |
79 | end | |
80 | end | |
81 | ||
82 | print_status("Done. Tried #{ran}/#{count} exploits.") | |
83 | </ruby> |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | CMD=${CS_BURP:=/root/tools/burpsuite_pro_v1.6.26.jar} | |
7 | while read h; do | |
8 | NAME="burp_$(date +%s).xml" | |
9 | echo java -jar -Xmx1g -Djava.awt.headless=true $CMD $h XML $2$NAME | |
10 | java -jar -Xmx1g -Djava.awt.headless=true $CMD $h XML $2$NAME | |
11 | done <$1 |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource autocrawler.rc \ | |
14 | --options THREADS=100 | |
15 | ||
16 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ||
2 | while read h; do | |
3 | NAME="$(date +%s)-$(basename $0)" | |
4 | HOST=$(echo $h | cut -d/ -f3 | cut -d: -f1) | |
5 | PORT=$(echo $h | cut -d/ -f3 | cut -d: -f2) | |
6 | echo "Run msfrpc plugin.." | |
7 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
8 | --log $(realpath $3$NAME.log) \ | |
9 | --modules auxiliary/scanner/http/dir_scanner \ | |
10 | --options RHOSTS=$HOST:RPORT=$PORT \ | |
11 | --command=run | |
12 | done <$1 |
0 | #!/bin/bash | |
1 | ||
2 | xml=msf-workspace.xml | |
3 | if ! test -f $xml; then | |
4 | echo XML file $xml not found | |
5 | exit 1 | |
6 | fi | |
7 | ||
8 | NAME="$(date +%s)-$(basename $0)" | |
9 | echo "Run msfrpc plugin.." | |
10 | ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \ | |
11 | --log $(realpath $3$NAME.log) \ | |
12 | --xml $xml \ | |
13 | --resource wmap_autotest.rc \ | |
14 | --options THREADS=100:WMAP_PROFILE=profile | |
15 | ||
16 | cp $2$NAME.xml $xml |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | while read h; do | |
7 | NAME="nikto_$(date +%s).xml" | |
8 | ${CS_NIKTO:=nikto} $CS_NIKTO_ARGS -host $h -output $2$NAME -Format XML | |
9 | done <$1 |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | ||
8 | while read h; do | |
9 | NAME="w3af_$(date +%s).xml" | |
10 | echo plugin/w3af.py --target $h --output $2$NAME | |
11 | ./plugin/w3af.py --target $h --output $2$NAME | |
12 | done <$1 | |
13 | #fix zombie w3af | |
14 | kill -9 $(ps aux | grep w3af_api | awk -F" " {'print $2'}) 2> /dev/null |
0 | #!/bin/bash | |
1 | ### | |
2 | ## Faraday Penetration Test IDE | |
3 | ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
4 | ## See the file 'doc/LICENSE' for the license information | |
5 | ### | |
6 | ||
7 | while read h; do | |
8 | NAME="zap_$(date +%s).xml" | |
9 | echo ./plugin/zap.py --target $h --output $2$NAME | |
10 | ./plugin/zap.py --target $h --output $2$NAME | |
11 | done <$1⏎ |
0 | import faraday.server.config | |
1 | from faraday.server.models import ( | |
2 | Host, | |
3 | Service, | |
4 | Workspace, | |
5 | VulnerabilityWeb, | |
6 | ) | |
7 | ||
8 | import sys | |
9 | from datetime import datetime | |
10 | from sqlalchemy import create_engine, text | |
11 | from sqlalchemy.orm import sessionmaker | |
12 | ||
13 | ||
14 | def change_vulns(affected_vulns, workspace): | |
15 | vulns_id = [] | |
16 | for vuln in affected_vulns: | |
17 | assert vuln.service_id == None and vuln.type == 'vulnerability_web' | |
18 | session.execute(text(""" | |
19 | UPDATE vulnerability SET type=\'vulnerability\' where id= :affected_vuln_id ; | |
20 | """), {'affected_vuln_id': vuln.id}) | |
21 | ||
22 | vulns_id.append(vuln.id) | |
23 | session.commit() | |
24 | ||
25 | print("[+] {vulns_length} vulnerabilities changed in workspace named {ws_name}" | |
26 | .format(vulns_length=len(affected_vulns), | |
27 | ws_name=workspace.name)) | |
28 | print(" Vulnerabilities ID: {ids}".format(ids=vulns_id)) | |
29 | ||
30 | ||
31 | conn_string = faraday.server.config.database.connection_string | |
32 | engine = create_engine(conn_string) | |
33 | Session = sessionmaker(bind=engine) | |
34 | session = Session() | |
35 | ||
36 | workspaces = session.query(Workspace) | |
37 | ||
38 | log_file = 'fix_vulnweb_without_service_logs.log' | |
39 | with open(log_file, 'a') as log: | |
40 | date_executed = 'Script executed at {}\n'.format(datetime.now().strftime("%m-%d-%Y %H:%M")) | |
41 | log.write(date_executed) | |
42 | ||
43 | # Redirect prints to log file | |
44 | orig_stdout = sys.stdout | |
45 | sys.stdout = log | |
46 | ||
47 | for ws in workspaces.all(): | |
48 | vulns_web = session.query(VulnerabilityWeb).filter_by(workspace_id=ws.id, service_id=None) | |
49 | if vulns_web.all(): | |
50 | change_vulns(vulns_web.all(), ws) | |
51 | else: | |
52 | print("[-] No vulnerabilities to change in workspace named {ws_name}".format(ws_name=ws.name)) | |
53 | ||
54 | sys.stdout = orig_stdout | |
55 | ||
56 | # Print log file | |
57 | with open(log_file, 'r') as log: | |
58 | print(log.read()) | |
59 | ||
60 | print("Logs saved in file named {}".format(log_file)) | |
61 | # I'm Py3⏎ |
0 | #!/usr/bin/env python | |
1 | ''' | |
2 | Faraday Penetration Test IDE | |
3 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
4 | See the file 'doc/LICENSE' for the license information | |
5 | ||
6 | ''' | |
7 | import sys | |
8 | import xmlrpc.client | |
9 | import argparse | |
10 | import base64 | |
11 | ||
12 | from reposify_api import * | |
13 | ||
14 | __author__ = "Reposify" | |
15 | __version__ = "1.0.0" | |
16 | __email__ = "[email protected]" | |
17 | __status__ = "Development" | |
18 | ||
19 | ||
20 | def strip_non_ascii(string): | |
21 | ''' Returns the string without non ASCII characters''' | |
22 | stripped = (c for c in string if 0 < ord(c) < 127) | |
23 | return ''.join(stripped) | |
24 | ||
25 | def send_faraday(results): | |
26 | for device in results['devices']: | |
27 | send_faraday_device(device) | |
28 | ||
29 | ||
30 | def send_faraday_device(result): | |
31 | print('IP: %s' % result['ip_address']) | |
32 | ||
33 | if args.debug == "1": | |
34 | print('===============') | |
35 | for key in result.keys(): | |
36 | print("kname:" + key + ", value:" + str(result[key])) | |
37 | ||
38 | h_id = api.createAndAddHost(str(result['ip_address'])) | |
39 | i_id = api.createAndAddInterface(h_id,str(result['ip_address']),"00:00:00:00:00:00", str(result['ip_address']), "0.0.0.0", "0.0.0.0",[], | |
40 | "0000:0000:0000:0000:0000:0000:0000:0000","00","0000:0000:0000:0000:0000:0000:0000:0000", | |
41 | [],"",result['domain'] if result['domain'] is not None else []) | |
42 | ||
43 | for service in result['services']: | |
44 | s_id = api.createAndAddServiceToInterface(h_id, i_id, str(service['name']) if service.has_key('name') else str(service['port']), | |
45 | "tcp",[int(service['port'])],"open",str(service['version']) if service.has_key('version') else "") | |
46 | if service['banner'] is not None: | |
47 | service['banner'] = base64.b64encode(strip_non_ascii(str(service['banner']))) #fix: to avoid non ascii caracters | |
48 | ||
49 | if service['banner'] is not None: | |
50 | n_id = api.createAndAddNoteToService(h_id,s_id,"banner",str(service['banner'])) | |
51 | ||
52 | #Notes - Information geo/shadon | |
53 | n_id = api.createAndAddNoteToHost(h_id,"geo_country",result['location']['country_name'] if result['location']['country_name'] is not None else "" ) | |
54 | n_id = api.createAndAddNoteToHost(h_id,"geo_latitude",str(result['location']['latitude']) if result['location']['latitude'] is not None else "") | |
55 | n_id = api.createAndAddNoteToHost(h_id,"geo_longitude",str(result['location']['longitude']) if result['location']['longitude'] is not None else "") | |
56 | n_id = api.createAndAddNoteToHost(h_id,"reposify_search_banner",args.reposify_banner) | |
57 | n_id = api.createAndAddNoteToHost(h_id,"reposify_search_filters",args.reposify_filters) | |
58 | ||
59 | # Input validation | |
60 | ||
61 | #arguments parser | |
62 | parser = argparse.ArgumentParser(prog='reposify_faraday', epilog="Example: ./%(prog)s.py -q Apache") | |
63 | parser.add_argument('-b', '--banner', action="store", type=str, required=False, dest='reposify_banner', help='reposify search banner') | |
64 | parser.add_argument('-f', '--filters', action="store", type=str, required=False, dest='reposify_filters', help='reposify search filter') | |
65 | parser.add_argument('-c', '--count', action="store", type=str, required=False, dest='count', default="1", help='Numbers of pages of results to get') | |
66 | parser.add_argument('-a', '--reposify_key', action="store", type=str, required=True, dest='skey', help='reposify key api') | |
67 | parser.add_argument('--faradayapi', '-fapi', action='store', type=str, dest='faradayapi', default="http://127.0.0.1:9876/", help='Faraday URL Api') | |
68 | parser.add_argument('--debug', '-d', action='store', type=str, dest='debug', default="0", help='Debug <0>,<1>') | |
69 | parser.add_argument('--version', "-v", action='version', version='%(prog)s v1.1') | |
70 | ||
71 | #arguments put in variables | |
72 | args = parser.parse_args() | |
73 | ||
74 | try: | |
75 | # Setup the apis | |
76 | api = xmlrpc.client.ServerProxy(args.faradayapi) | |
77 | ||
78 | results = reposify_search(args.skey, args.reposify_banner, args.reposify_filters, 1) | |
79 | print('Results found: %s, banner "%s", filters "%s' % (results['total_count'], args.reposify_banner, args.reposify_filters)) | |
80 | send_faraday(results) | |
81 | ||
82 | if results['pagination']['has_more'] == True: | |
83 | for c_page in range(1,int(args.count)): | |
84 | results = reposify_search(args.skey, args.reposify_banner, args.reposify_filters, c_page + 1) | |
85 | send_faraday(results) | |
86 | if results['pagination']['has_more'] != True: | |
87 | break; | |
88 | ||
89 | except xmlrpc.client.ProtocolError as e: | |
90 | if e.errcode == 500: | |
91 | print("[ERROR] Faraday Api error:", sys.exc_info()[0]) | |
92 | pass | |
93 | else: | |
94 | print("[ERROR] Unexpected error:", sys.exc_info()[0]) | |
95 | print(e.__dict__) | |
96 | raise | |
97 | ||
98 | except Exception as e: | |
99 | print("Unexpected error:", sys.exc_info()[0]) | |
100 | print(e.__dict__) | |
101 | raise | |
102 | ||
103 | ||
104 | ||
105 | # I'm Py3⏎ |
0 | ''' | |
1 | Faraday Penetration Test IDE | |
2 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
3 | See the file 'doc/LICENSE' for the license information | |
4 | ||
5 | ''' | |
6 | ||
7 | import requests | |
8 | import simplejson | |
9 | ||
10 | def api_request(key, function, params=None, data=None, base_url='https://api.reposify.com', method='get', retries=1): | |
11 | """General-purpose function to create web requests to REPOSIFY. | |
12 | ||
13 | Arguments: | |
14 | function -- name of the function you want to execute | |
15 | params -- dictionary of parameters for the function | |
16 | ||
17 | Returns | |
18 | A dictionary containing the function's results. | |
19 | ||
20 | """ | |
21 | # Add the API key parameter automatically | |
22 | params['token'] = key | |
23 | ||
24 | # Send the request | |
25 | tries = 0 | |
26 | error = False | |
27 | while tries <= retries: | |
28 | try: | |
29 | if method.lower() == 'post': | |
30 | data = requests.post(base_url + function, simplejson.dumps(data), params=params, headers={'content-type': 'application/json'}) | |
31 | elif method.lower() == 'delete': | |
32 | data = requests.delete(base_url + function, params=params) | |
33 | else: | |
34 | data = requests.get(base_url + function, params=params) | |
35 | ||
36 | # Exit out of the loop | |
37 | break | |
38 | except: | |
39 | error = True | |
40 | tries += 1 | |
41 | ||
42 | if error and tries >= retries: | |
43 | raise APIError('Unable to connect to Reposify') | |
44 | ||
45 | # Check that the API key wasn't rejected | |
46 | if data.status_code == 401: | |
47 | try: | |
48 | raise APIError(data.json()['error']) | |
49 | except: | |
50 | pass | |
51 | raise APIError('Invalid API key') | |
52 | ||
53 | # Parse the text into JSON | |
54 | try: | |
55 | data = data.json() | |
56 | except: | |
57 | raise APIError('Unable to parse JSON response') | |
58 | ||
59 | # Raise an exception if an error occurred | |
60 | if type(data) == dict and data.get('error', None): | |
61 | raise APIError(data['error']) | |
62 | ||
63 | # Return the data | |
64 | return data | |
65 | ||
66 | def reposify_search(key, banner, filters, page): | |
67 | params = {'page' : page } | |
68 | if banner is not None: | |
69 | params['banner'] = banner | |
70 | if filters is not None: | |
71 | params['filters'] = filters | |
72 | res = api_request(key, '/v1/insights/search', params, None, 'https://api.reposify.com', 'get', 1) | |
73 | return res | |
74 | # I'm Py3⏎ |
0 | #!/usr/bin/env python | |
1 | ''' | |
2 | Faraday Penetration Test IDE | |
3 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
4 | See the file 'doc/LICENSE' for the license information | |
5 | ||
6 | ''' | |
7 | ||
8 | import shodan | |
9 | import sys | |
10 | import xmlrpc.client | |
11 | import argparse | |
12 | import base64 | |
13 | ||
14 | __author__ = "Francisco Amato" | |
15 | __copyright__ = "Copyright 2014, Faraday Project" | |
16 | __credits__ = ["Francisco Amato"] | |
17 | __license__ = "" | |
18 | __version__ = "1.0.2" | |
19 | __maintainer__ = "Francisco Amato" | |
20 | __email__ = "[email protected]" | |
21 | __status__ = "Development" | |
22 | ||
23 | # Configuration | |
24 | SHODAN_API_KEY = "" | |
25 | ||
26 | def strip_non_ascii(string): | |
27 | ''' Returns the string without non ASCII characters''' | |
28 | stripped = (c for c in string if 0 < ord(c) < 127) | |
29 | return ''.join(stripped) | |
30 | ||
31 | def send_faraday(result): | |
32 | print('IP: %s' % result['ip_str']) | |
33 | ||
34 | if result['data'] is not None: | |
35 | result['data'] = base64.b64encode(str(strip_non_ascii(result['data']))) #fix: to avoid non ascii caracters | |
36 | if args.debug == "1": | |
37 | print('===============') | |
38 | for key in result.keys(): | |
39 | print("kname:" + key + ", value:" + str(result[key])) | |
40 | ||
41 | h_id = api.createAndAddHost(str(result['ip_str']),str(result['os']) if result['os'] is not None else "") | |
42 | #i_id = api.createAndAddInterface(h_id,str(result['ip_str']),"00:00:00:00:00:00", str(result['ip_str']), "0.0.0.0", "0.0.0.0",[], | |
43 | # "0000:0000:0000:0000:0000:0000:0000:0000","00","0000:0000:0000:0000:0000:0000:0000:0000", | |
44 | # [],"",result['hostnames'] if result['hostnames'] is not None else []) | |
45 | s_id = api.createAndAddServiceToHost(h_id, str(result['product']) if result.has_key('product') else str(result['port']), | |
46 | "tcp",[str(result['port'])],"open",str(result['version']) if result.has_key('version') else "") | |
47 | ||
48 | if result['data'] is not None: | |
49 | n_id = api.createAndAddNoteToService(h_id, s_id, "shadon_response", str(result['data'])) | |
50 | ||
51 | #Notes - Information geo/shadon | |
52 | n_id = api.createAndAddNoteToHost(h_id, "geo_country", result['location']['country_name'] if result['location']['country_name'] is not None else "" ) | |
53 | n_id = api.createAndAddNoteToHost(h_id, "geo_latitude", result['location']['latitude'] if result['location']['latitude'] is not None else "") | |
54 | n_id = api.createAndAddNoteToHost(h_id, "geo_longitude", result['location']['longitude'] if result['location']['longitude'] is not None else "") | |
55 | n_id = api.createAndAddNoteToHost(h_id, "shadon_q", args.shodan_query) | |
56 | ||
57 | # Input validation | |
58 | ||
59 | #arguments parser | |
60 | parser = argparse.ArgumentParser(prog='shodan_faraday', epilog="Example: ./%(prog)s.py -q Apache") | |
61 | parser.add_argument('-q', '--query', action="store", type=str, required=True, dest='shodan_query', help='shadon search query') | |
62 | parser.add_argument('-c', '--count', action="store", type=str, required=False, dest='count', default="50", help='Numbers of results to get, for all results use "all"') | |
63 | parser.add_argument('-a', '--shodan_key', action="store", type=str, dest='skey', default=SHODAN_API_KEY, help='shodan key api') | |
64 | parser.add_argument('--faradayapi', '-fapi', action='store', type=str, dest='faradayapi', default="http://127.0.0.1:9876/", help='Faraday URL Api') | |
65 | parser.add_argument('--debug', '-d', action='store', type=str, dest='debug', default="0", help='Debug <0>,<1>') | |
66 | parser.add_argument('--version', "-v", action='version', version='%(prog)s v1.1') | |
67 | ||
68 | #arguments put in variables | |
69 | args = parser.parse_args() | |
70 | ||
71 | try: | |
72 | # Setup the apis | |
73 | api = xmlrpc.client.ServerProxy(args.faradayapi) | |
74 | shodan_api = shodan.Shodan(args.skey) | |
75 | c_page=1 | |
76 | ||
77 | results = shodan_api.search(args.shodan_query) | |
78 | print('Results found: %s, query "%s"' % (results['total'], args.shodan_query)) | |
79 | ||
80 | for r in shodan_api.search_cursor(args.shodan_query, minify=True, retries=5): | |
81 | if args.count != "all" and c_page >= int(args.count): | |
82 | break | |
83 | ||
84 | send_faraday(r) | |
85 | c_page+=1 | |
86 | ||
87 | ||
88 | except xmlrpc.client.ProtocolError as e: | |
89 | if e.errcode == 500: | |
90 | print("[ERROR] Faraday Api error:", sys.exc_info()[0]) | |
91 | pass | |
92 | else: | |
93 | print("[ERROR] Unexpected error:", sys.exc_info()[0]) | |
94 | print(e.__dict__) | |
95 | raise | |
96 | except shodan.client.APIError as e: | |
97 | print("[ERROR] :", sys.exc_info()[0]) | |
98 | raise | |
99 | ||
100 | except Exception as e: | |
101 | print("Unexpected error:", sys.exc_info()[0]) | |
102 | print(e.__dict__) | |
103 | raise | |
104 | ||
105 | ||
106 | ||
107 | # I'm Py3⏎ |
0 | ### | |
1 | ## Faraday Penetration Test IDE | |
2 | ## Copyright (C) 2014 Infobyte LLC (http://www.infobytesec.com/) | |
3 | ## See the file 'doc/LICENSE' for the license information | |
4 | ### | |
5 | # Version 1.0.0 | |
6 | 110TC2 | |
7 | 16NX073012001 | |
8 | 16NX080112001 | |
9 | 16NX080112002 | |
10 | 16NX081412001 | |
11 | 16NX081812001 | |
12 | 410TC1 | |
13 | 450TC1 | |
14 | 450TC2 | |
15 | 480TC1 | |
16 | AAM6000EV/Z2 | |
17 | AAM6010EV | |
18 | AAM6010EV/Z2 | |
19 | AAM6010EV-Z2 | |
20 | AAM6020BI | |
21 | AAM6020BI-Z2 | |
22 | AAM6020VI/Z2 | |
23 | AD3000W | |
24 | ADSL Modem | |
25 | ADSL Modem/Router | |
26 | ADSL | |
27 | AirLive ARM201 | |
28 | AirLive ARM-204 | |
29 | AirLive ARM-204 Annex A | |
30 | AirLive ARM-204 Annex B | |
31 | AirLive WT-2000ARM | |
32 | AirLive WT-2000ARM Annex A | |
33 | AirLive WT-2000ARM Annex B | |
34 | AMG1001-T10A | |
35 | APPADSL2+ | |
36 | APPADSL2V1 | |
37 | AR-7182WnA | |
38 | AR-7182WnB | |
39 | AR-7186WnA/B | |
40 | AR-7286WNA | |
41 | AR-7286WnB | |
42 | Arcor-DSL WLAN-Modem 100 | |
43 | Arcor-DSL WLAN-Modem 200 | |
44 | AZ-D140W | |
45 | Billion Sky | |
46 | BiPAC 5102C | |
47 | BiPAC 5102S | |
48 | BiPAC 5200S | |
49 | BIPAC-5100 ADSL | |
50 | BLR-TX4L | |
51 | BW554 | |
52 | C300APRA2+ | |
53 | Compact ADSL2+ | |
54 | D-5546 | |
55 | D-7704G | |
56 | Delsa Telecommunication | |
57 | D-Link_DSL-2730R | |
58 | DM 856W | |
59 | DSL-2110W | |
60 | DSL-2120 | |
61 | DSL-2140 | |
62 | DSL-2140W | |
63 | DSL-2520U | |
64 | DSL-2520U_Z2 | |
65 | DSL-2600U | |
66 | DSL-2640R | |
67 | DSL-2641R | |
68 | DSL-2680 | |
69 | DSL-2740R | |
70 | DSL-320B | |
71 | DSL-321B | |
72 | DSL-3680 | |
73 | DT 815 | |
74 | DT 820 | |
75 | DT 845W | |
76 | DT 850W | |
77 | DWR-TC14 ADSL Modem | |
78 | EchoLife HG520s | |
79 | EchoLife Home Gateway | |
80 | EchoLife Portal de Inicio | |
81 | GO-DSL-N151 | |
82 | HB-150N | |
83 | HB-ADSL-150N | |
84 | Hexabyte ADSL | |
85 | Home Gateway | |
86 | iB-LR6111A | |
87 | iB-WR6111A | |
88 | iB-WR7011A | |
89 | iB-WRA150N | |
90 | iB-WRA300N | |
91 | iB-WRA300N3G | |
92 | IES1248-51 | |
93 | KN.3N | |
94 | KN.4N | |
95 | KR.KQ | |
96 | KR.KS | |
97 | KR.XL | |
98 | KR.XM | |
99 | KR.XM\t | |
100 | KR.YL | |
101 | Linksys BEFDSR41W | |
102 | LW-WAR2 | |
103 | M-101A | |
104 | M-101B | |
105 | M-200 A | |
106 | M-200 B | |
107 | MN-WR542T | |
108 | MS8-8817 | |
109 | MT800u-T ADSL | |
110 | MT880r-T ADSL | |
111 | MT882r-T ADSL | |
112 | MT886 | |
113 | mtnlbroadband | |
114 | NetBox NX2-R150 | |
115 | Netcomm NB14 | |
116 | Netcomm NB14Wn | |
117 | NP-BBRsx | |
118 | OMNI ADSL LAN EE(Annex A) | |
119 | P202H DSS1 | |
120 | P653HWI-11 | |
121 | P653HWI-13 | |
122 | P-660H-D1 | |
123 | P-660H-T1 v3s | |
124 | P-660H-T3 v3s | |
125 | P-660HW-D1 | |
126 | P-660R-D1 | |
127 | P-660R-T1 | |
128 | P-660R-T1 v3 | |
129 | P-660R-T1 v3s | |
130 | P-660R-T3 v3 | |
131 | P-660R-T3 v3s | |
132 | P-660RU-T1 | |
133 | P-660RU-T1 v3 | |
134 | P-660RU-T1 v3s | |
135 | P-660RU-T3 v3s | |
136 | PA-R11T | |
137 | PA-W40T-54G | |
138 | Cerberus P 6311-072 | |
139 | PL-DSL1 | |
140 | PN-54WADSL2 | |
141 | PN-ADSL101E | |
142 | Portal de Inicio | |
143 | POSTEF-8840 | |
144 | POSTEF-8880 | |
145 | Prestige 623ME-T1 | |
146 | Prestige 623ME-T3 | |
147 | Prestige 623R-A1 | |
148 | Prestige 623R-T1 | |
149 | Prestige 623R-T3 | |
150 | Prestige 645 | |
151 | Prestige 645R-A1 | |
152 | Prestige 650 | |
153 | Prestige 650H/HW-31 | |
154 | Prestige 650H/HW-33 | |
155 | Prestige 650H-17 | |
156 | Prestige 650H-E1 | |
157 | Prestige 650H-E3 | |
158 | Prestige 650H-E7 | |
159 | Prestige 650HW-11 | |
160 | Prestige 650HW-13 | |
161 | Prestige 650HW-31 | |
162 | Prestige 650HW-33 | |
163 | Prestige 650HW-37 | |
164 | Prestige 650R-11 | |
165 | Prestige 650R-13 | |
166 | Prestige 650R-31 | |
167 | Prestige 650R-33 | |
168 | Prestige 650R-E1 | |
169 | Prestige 650R-E3 | |
170 | Prestige 650R-T3 | |
171 | Prestige 652H/HW-31 | |
172 | Prestige 652H/HW-33 | |
173 | Prestige 652H/HW-37 | |
174 | Prestige 652R-11 | |
175 | Prestige 652R-13 | |
176 | Prestige 660H-61 | |
177 | Prestige 660HW-61 | |
178 | Prestige 660HW-67 | |
179 | Prestige 660R-61 | |
180 | Prestige 660R-61C | |
181 | Prestige 660R-63 | |
182 | Prestige 660R-63/67 | |
183 | Prestige 791R | |
184 | Prestige 792H | |
185 | RAWRB1001 | |
186 | RE033 | |
187 | RTA7020 | |
188 | RWS54 | |
189 | SG-1250 | |
190 | SG-1500 | |
191 | SmartAX | |
192 | SmartAX MT880 | |
193 | SmartAX MT882 | |
194 | SmartAX MT882r-T | |
195 | SmartAX MT882u | |
196 | Sterlite | |
197 | Sweex MO300 | |
198 | T514 | |
199 | TD811 | |
200 | TD821 | |
201 | TD841 | |
202 | TD854W | |
203 | TD-8616 | |
204 | TD-8811 | |
205 | TD-8816 | |
206 | TD-8816 1.0 | |
207 | TD-8816 2.0 | |
208 | TD-8816B | |
209 | TD-8817 | |
210 | TD-8817 1.0 | |
211 | TD-8817 2.0 | |
212 | TD-8817B | |
213 | TD-8820 | |
214 | TD-8820 1.0 | |
215 | TD-8840T | |
216 | TD-8840T 2.0 | |
217 | TD-8840TB | |
218 | TD-W8101G | |
219 | TD-W8151N | |
220 | TD-W8901G | |
221 | TD-W8901G 3.0 | |
222 | TD-W8901GB | |
223 | TD-W8901N | |
224 | TD-W8951NB | |
225 | TD-W8951ND | |
226 | TD-W8961N | |
227 | TD-W8961NB | |
228 | TD-W8961ND | |
229 | T-KD318-W | |
230 | TrendChip ADSL | |
231 | UM-A+ Asotel | |
232 | Vodafone ADSL | |
233 | vx811r | |
234 | WA3002-g1 | |
235 | WA3002G4 | |
236 | WA3002-g4 | |
237 | WBR-3601 | |
238 | WebShare 111 WN | |
239 | WebShare 141 WN | |
240 | WebShare 141 WN+ | |
241 | Wireless ADSL Modem/Router | |
242 | Wireless-N 150Mbps ADSL | |
243 | Router | |
244 | ZXDSL 831CII | |
245 | ZXDSL 831II | |
246 | ZXHN H108L | |
247 | ZXV10 W300 | |
248 | ZXV10 W300B | |
249 | ZXV10 W300D | |
250 | ZXV10 W300E | |
251 | ZXV10 W300S |
0 | ### | |
1 | ## Faraday Penetration Test IDE | |
2 | ## Copyright (C) 2014 Infobyte LLC (http://www.infobytesec.com/) | |
3 | ## See the file 'doc/LICENSE' for the license information | |
4 | ### | |
5 | # Version 1.0.0 | |
6 | title:scada | |
7 | modicon | |
8 | VxWorks | |
9 | title:ISC Scada | |
10 | flexim | |
11 | plc | |
12 | port:161 simatic | |
13 | Moxa | |
14 | Simatic+S7 | |
15 | Portal0000 | |
16 | powered by SpiderControl TM | |
17 | niagara_audit -login | |
18 | AKCP | |
19 | schneider | |
20 | port:44818 | |
21 | Z-World Rabbit 200 OK | |
22 | EIG Embedded Web Server | |
23 | iq3 | |
24 | THUS plc | |
25 | title:phasefale | |
26 | Stulz GmbH Klimatechnik | |
27 | enteliTOUCH | |
28 | HMI, XP277 | |
29 | title:adcon | |
30 | wince Content-Length:12581 | |
31 | honeywell Excel | |
32 | honeywell BNA | |
33 | Console terminal type | |
34 | CLP | |
35 | GoAhead-Webs InitialPage.asp | |
36 | RuggedCom | |
37 | Bacnet | |
38 | 200 OK i.LON | |
39 | enterasys | |
40 | serverview | |
41 | IPC@CHIP title:Start | |
42 | Schleifenbauer | |
43 | SCHNEIDER TSX ETG3021 | |
44 | Simatic -S7 HMI | |
45 | Simatic -S7 -HMI | |
46 | Jetty 3.1.8 (Windows 2000 5.0 x86) 200 OK | |
47 | A850+Telemetry+Gateway | |
48 | ABB+Webmodule | |
49 | Allen-Bradley | |
50 | /BroadWeb/ | |
51 | Cimetrics+Eplus+Web+Server | |
52 | CIMPLICITY | |
53 | CitectSCADA | |
54 | EIG+Embedded+Web+Server | |
55 | eiPortal | |
56 | EnergyICT | |
57 | ioLogik | |
58 | Modbus+Bridge | |
59 | ModbusGW | |
60 | Modicon+M340+CPU | |
61 | Niagara+Web+Server | |
62 | NovaTech+HTTPD | |
63 | Powerlink | |
64 | Reliance+4+Control+Server | |
65 | RTS+Scada | |
66 | RTU560 | |
67 | SIMATIC+NET | |
68 | Simatic+S7 | |
69 | SoftPLC | |
70 | TAC/Xenta | |
71 | WAGO | |
72 | webSCADA-Modbus |
0 | ### | |
1 | ## Faraday Penetration Test IDE | |
2 | ## Copyright (C) 2014 Infobyte LLC (http://www.infobytesec.com/) | |
3 | ## See the file 'doc/LICENSE' for the license information | |
4 | ### | |
5 | # Version 1.0.0 | |
6 | Server:SQ-WEBCAM | |
7 | Basic realm="logitec" | |
8 | webcamxp | |
9 | Axis+camera | |
10 | Axis+video | |
11 | Grandstream | |
12 | IQinVision | |
13 | Mobotix | |
14 | Panasonic AVC Server | |
15 | Samsung camera | |
16 | TRENDnet | |
17 | Vivotek | |
18 | netcam | |
19 | axis-cgi/jpg | |
20 | view/index.shtml | |
21 | Boa+ipcam | |
22 | d-Link Internet Camera | |
23 | Server: GeoHttpServer | |
24 | imagiatek+ipcam | |
25 | title:"IP CAMERA Viewer" Content-Length: 703 | |
26 | title:"DCS" camera | |
27 | LNE3003 Wireless IP Camera | |
28 | FlexiDome | |
29 | title:"RPi Cam Control" | |
30 | title:"WVC210 Wireless-G PTZ Internet Camera with Audio" | |
31 | title:"WV"+Camera | |
32 | airlive aircam |
0 | #!/usr/bin/env python3 | |
1 | ''' | |
2 | Faraday Penetration Test IDE | |
3 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
4 | See the file 'doc/LICENSE' for the license information | |
5 | ||
6 | ''' | |
7 | ||
8 | #libraries | |
9 | import subprocess | |
10 | import argparse | |
11 | import re | |
12 | import sys | |
13 | import xml.etree.cElementTree as ET | |
14 | ||
15 | if subprocess.call("openssl version", shell=True, stdout=subprocess.PIPE): | |
16 | sys.stderr.write("[+]OpenSSL package needed\n") | |
17 | exit(1) | |
18 | ||
19 | program_options = ('key', 'ren', 'sign', 'serv', 'cyph', 'forw', 'heart', 'crime', 'all') | |
20 | openssl_protocols = {'ssl3':'SSLv3', | |
21 | 'tls1':'TLSv1', | |
22 | 'tls1_1':'TLSv1.1', | |
23 | 'tls1_2':'TLSv1.2'} | |
24 | openssl_insecure_cyphers = {'RC','MD5','MD4','MD2','SHA0','SHA1', 'NULL','aNULL', | |
25 | 'eNULL','ADH','EXP','DES','LOW','PSK','SRP','DSS'} | |
26 | openssl_cyphers = subprocess.check_output("openssl ciphers 'ALL:eNULL'",shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE).split(":") | |
27 | ||
28 | parser = argparse.ArgumentParser(prog='SensorProbeClient', epilog="Scan availables: | KeySize: key | Signature Cipher: sign |Renegotiation: ren | Services available: serv | Cypher availables: cyph | Forward Secrecy: forw | Heartbleed test: heart | Crime test: crime") | |
29 | parser.add_argument('-r', action="store", type=str, choices=program_options, dest='choice', default="all", nargs='+', help='store the scan(s) requested by the users') | |
30 | parser.add_argument('--port', '-port', action="store", type=int, dest='port', default="443", help='store the port to scan') | |
31 | parser.add_argument('--xml', '-xml', action='store', type=str, dest='xmloutput', help='enabled the XML output in a specified file') | |
32 | parser.add_argument('host', nargs='+', type=str, help='store the target\'s host address (domain name or ipv4) separated by a space') | |
33 | parser.add_argument('--version', "-v", action='version', version='%(prog)s v1.0 by Morgan Lemarechal') | |
34 | ||
35 | args = parser.parse_args() | |
36 | ||
37 | def connection_test(host,port): | |
38 | for i in range(1,6): | |
39 | try: | |
40 | subprocess.check_output("openssl s_client -connect {}:{} < /dev/null".format(host,port), shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
41 | return | |
42 | except subprocess.CalledProcessError: | |
43 | print("[+]Connection failed... [ {} / 5 ]".format(i)) | |
44 | print("[+]Connection to the host impossible") | |
45 | exit(1) | |
46 | ||
47 | def basic_connect(host,port): | |
48 | result = subprocess.check_output("openssl s_client -connect {}:{} < /dev/null".format(host,port), shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
49 | return result.split("\n") | |
50 | ||
51 | def complex_connect(host,port): | |
52 | result = "" | |
53 | for sprotocol, protocol in openssl_protocols.items(): | |
54 | try: | |
55 | result += subprocess.check_output("openssl s_client -{} -connect {}:{} < /dev/null".format(sprotocol,host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
56 | except subprocess.CalledProcessError: | |
57 | #-----------------------------------XML_Export-----------------------------------# | |
58 | if args.xmloutput: | |
59 | protocolx = ET.SubElement(scan, protocol) | |
60 | protocolx.text="no" | |
61 | #-----------------------------------XML_Export-----------------------------------# | |
62 | if protocol == "TLSv1.1" or protocol == "TLSv1.2": | |
63 | print(" \033[0;41m{} not supported\033[0m".format(protocol)) | |
64 | else: | |
65 | print(" {} not supported".format(protocol)) | |
66 | return result.split("\n") | |
67 | def tlsdebug_connect(host,port): | |
68 | result = subprocess.check_output("openssl s_client -tlsextdebug -connect {}:{} < /dev/null".format(host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
69 | return result.split("\n") | |
70 | ||
71 | def sign_connect(host,port): | |
72 | signScript = """ | |
73 | echo "HEAD / HTTP/1.0 | |
74 | EOT | |
75 | " \ | |
76 | | openssl s_client -connect {}:{} 2>&1 \ | |
77 | | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' \ | |
78 | | openssl x509 -noout -text -certopt no_signame""".format(host,port) | |
79 | result = subprocess.check_output("{}".format(signScript),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
80 | return result.split("\n") | |
81 | ||
82 | def cypher_connect(host,port): | |
83 | result = "" | |
84 | for cyph in openssl_cyphers: | |
85 | try: | |
86 | result += subprocess.check_output("openssl s_client -cipher {} -connect {}:{} < /dev/null".format(cyph,host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
87 | except subprocess.CalledProcessError: | |
88 | pass | |
89 | return result.split("\n") | |
90 | ||
91 | def forward_connect(host,port): | |
92 | result = "" | |
93 | try: | |
94 | result = subprocess.check_output("openssl s_client -cipher EDH,EECDH -connect {}:{} < /dev/null".format(host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE) | |
95 | except subprocess.CalledProcessError: | |
96 | #-----------------------------------XML_Export-----------------------------------# | |
97 | if args.xmloutput: | |
98 | forward_secrecy = ET.SubElement(scan, "forward_secrecy") | |
99 | forward_secrecy.text="no" | |
100 | #-----------------------------------XML_Export-----------------------------------# | |
101 | print("\033[0;41m[+]Forward Secrecy not supported\033[0m") | |
102 | return result.split("\n") | |
103 | ||
104 | def key_check(host,port): | |
105 | for line in basic_connect(host,port): | |
106 | if "Server public key is" in line: | |
107 | #-----------------------------------XML_Export-----------------------------------# | |
108 | if args.xmloutput: | |
109 | key_size = ET.SubElement(scan, "key") | |
110 | key_size.text = str(re.findall(r'\d+', line)[0]) | |
111 | #-----------------------------------XML_Export-----------------------------------# | |
112 | print("[+]{}\n".format(line)) | |
113 | if int(re.findall(r'\d+', line)[0]) < 2048: | |
114 | print ("\033[0;41m[+]Insecure key size, it must be higher than 2048 bits\033[0m") | |
115 | return | |
116 | ||
117 | def ren_check(host,port): | |
118 | for line in basic_connect(host,port): | |
119 | if "Secure Renegotiation" in line: | |
120 | if "IS NOT supported" in line: | |
121 | #-----------------------------------XML_Export-----------------------------------# | |
122 | if args.xmloutput: | |
123 | renegotiation = ET.SubElement(scan, "renegotiation") | |
124 | renegotiation.text="no" | |
125 | #-----------------------------------XML_Export-----------------------------------# | |
126 | print("\033[0;41m[+]Secure renegotiation not supported\033[0m") | |
127 | else: | |
128 | #-----------------------------------XML_Export-----------------------------------# | |
129 | if args.xmloutput: | |
130 | renegotiation = ET.SubElement(scan, "renegotiation") | |
131 | renegotiation.text="yes" | |
132 | #-----------------------------------XML_Export-----------------------------------# | |
133 | print("[+]"+line) | |
134 | return | |
135 | ||
136 | ||
137 | def sign_check(host,port): | |
138 | for line in sign_connect(host,port): | |
139 | if "Signature Algorithm" in line: | |
140 | insecure = False | |
141 | for insecure_cypher in openssl_insecure_cyphers: | |
142 | if insecure_cypher in line or insecure_cypher.upper() in line or insecure_cypher.lower() in line: | |
143 | insecure = True | |
144 | print("\033[0;41m[+]{}\033[0m\n".format(line.replace(" ",""))) | |
145 | #-----------------------------------XML_Export-----------------------------------# | |
146 | if args.xmloutput: | |
147 | signature_cipher = ET.SubElement(scan, line.replace(" Signature Algorithm: ","")) | |
148 | signature_cipher.text = "signature insecure" | |
149 | #-----------------------------------XML_Export-----------------------------------# | |
150 | break | |
151 | if not insecure: | |
152 | #-----------------------------------XML_Export-----------------------------------# | |
153 | if args.xmloutput: | |
154 | signature_cipher = ET.SubElement(scan, line.replace(" Signature Algorithm: ","")) | |
155 | signature_cipher.text = "signature secure" | |
156 | #-----------------------------------XML_Export-----------------------------------# | |
157 | print("[+]"+line.replace(" ","")) | |
158 | ||
159 | def serv_check(host,port): | |
160 | print("[+]Protocols supported by the server:") | |
161 | for line in complex_connect(host,port): | |
162 | for i,protocol in enumerate(openssl_protocols): | |
163 | if line.endswith(openssl_protocols[protocol]): | |
164 | if openssl_protocols[protocol] == "SSLv3" or openssl_protocols[protocol] == "TLSv1": | |
165 | print(" \033[0;41m"+openssl_protocols[protocol]) | |
166 | else: | |
167 | print(" "+openssl_protocols[protocol]) | |
168 | #-----------------------------------XML_Export-----------------------------------# | |
169 | if args.xmloutput: | |
170 | protocolx = ET.SubElement(scan, openssl_protocols[protocol]) | |
171 | protocolx.text="yes" | |
172 | #-----------------------------------XML_Export-----------------------------------# | |
173 | if "Cipher " in line: | |
174 | print("|| Default cipher:{}\033[0m".format(line.replace(" Cipher : ","").replace("0000",""))) | |
175 | ||
176 | def cyph_check(host,port): | |
177 | print("[+]Ciphers supported by the server (it may takes a minute):") | |
178 | for line in cypher_connect(host,port): | |
179 | if "Cipher : " in line: | |
180 | insecure = False | |
181 | for insecure_cypher in openssl_insecure_cyphers: | |
182 | if insecure_cypher in line or insecure_cypher.upper() in line or insecure_cypher.lower() in line: | |
183 | #-----------------------------------XML_Export-----------------------------------# | |
184 | if args.xmloutput: | |
185 | cypher = ET.SubElement(scan, line.replace(" Cipher : ","")) | |
186 | cypher.text = "insecure" | |
187 | #-----------------------------------XML_Export-----------------------------------# | |
188 | print(" \033[0;41m{}\033[0m\n".format(line.replace(" Cipher : ","Supported cipher suite: [INSECURE] "))) | |
189 | insecure = True | |
190 | break | |
191 | if not insecure: | |
192 | #-----------------------------------XML_Export-----------------------------------# | |
193 | if args.xmloutput: | |
194 | cypher = ET.SubElement(scan, line.replace(" Cipher : ","")) | |
195 | cypher.text = "secure" | |
196 | #-----------------------------------XML_Export-----------------------------------# | |
197 | print(line.replace(" Cipher : "," Supported cipher suite: [SECURE] ")) | |
198 | ||
199 | def forw_check(host,port): | |
200 | for line in forward_connect(host,port): | |
201 | if "Cipher : " in line: | |
202 | #-----------------------------------XML_Export-----------------------------------# | |
203 | if args.xmloutput: | |
204 | forward_secrecy = ET.SubElement(scan, "forward_secrecy") | |
205 | forward_secrecy.text="yes" | |
206 | #-----------------------------------XML_Export-----------------------------------# | |
207 | print("[+]{} (prefered)".format(line.replace(" Cipher : ","Forward Secrecy supported: "))) | |
208 | return | |
209 | ||
210 | def heart_check(host,port): | |
211 | for line in tlsdebug_connect(host,port): | |
212 | if "TLS server extension heartbeat" in line : | |
213 | #-----------------------------------XML_Export-----------------------------------# | |
214 | if args.xmloutput: | |
215 | heartbeat = ET.SubElement(scan, "heartbeat") | |
216 | heartbeat.text = "yes" | |
217 | #-----------------------------------XML_Export-----------------------------------# | |
218 | print("\033[0;41m[+]Heartbeat extension vulnerable\033[0m") | |
219 | return; | |
220 | #-----------------------------------XML_Export-----------------------------------# | |
221 | if args.xmloutput: | |
222 | heartbeat = ET.SubElement(scan, "heartbeat") | |
223 | heartbeat.text = "no" | |
224 | #-----------------------------------XML_Export-----------------------------------# | |
225 | print("[+]Heartbeat extension disabled") | |
226 | ||
227 | def crime_check(host,port): | |
228 | for line in basic_connect(host,port): | |
229 | if "Compression: NONE" in line: | |
230 | #-----------------------------------XML_Export-----------------------------------# | |
231 | if args.xmloutput: | |
232 | crime = ET.SubElement(scan, "crime") | |
233 | crime.text = "no" | |
234 | #-----------------------------------XML_Export-----------------------------------# | |
235 | print("[+]Compression disabled, CRIME is prevented") | |
236 | return | |
237 | elif "Compression: " in line: | |
238 | #-----------------------------------XML_Export-----------------------------------# | |
239 | if args.xmloutput: | |
240 | crime = ET.SubElement(scan, "crime") | |
241 | crime.text = "yes" | |
242 | #-----------------------------------XML_Export-----------------------------------# | |
243 | print("\033[0;41m[+]Potentially vulnerable to CRIME:{}\033[0m").format(line) | |
244 | return | |
245 | ||
246 | print("""\n\033[0;33m | |
247 | ___ ___ _ ___ _ _ | |
248 | / __/ __| | / __| |_ ___ __| |_ | |
249 | \__ \__ \ |_| (__| ' \/ -_) _| / / | |
250 | |___/___/____\___|_||_\___\__|_\_\ \033[0m | |
251 | ||
252 | Version v1.0: November 2014 | |
253 | Morgan Lemarechal\n""") | |
254 | ||
255 | if args.xmloutput: | |
256 | root = ET.Element("sslcheck") | |
257 | ||
258 | for host in args.host: | |
259 | ||
260 | if re.match(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$",host): | |
261 | host_ip = host | |
262 | host_name = "" | |
263 | #host_name = subprocess.check_output("dig -x {} +short|sed 's/\.$//g'".format(host),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE).rstrip() | |
264 | print("[+]Perfoming the scan of {}".format(host_ip)) | |
265 | else: | |
266 | host_name = host | |
267 | host_ip = subprocess.check_output("nslookup "+host+" | tail -2 | head -1|awk '{print $2}'",shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE).rstrip() | |
268 | print("[+]Perfoming the scan of {}|{}".format(host_name,host_ip)) | |
269 | ||
270 | try: | |
271 | #-----------------------------------XML_Export-----------------------------------# | |
272 | if args.xmloutput: | |
273 | scan = ET.SubElement(root, "scan") | |
274 | scan.set('host',host_ip) | |
275 | scan.set('port',str(args.port)) | |
276 | scan.set('hostname',host_name) | |
277 | #-----------------------------------XML_Export-----------------------------------# | |
278 | connection_test(host,args.port) | |
279 | for scanning in program_options: | |
280 | if args.choice == "all" or scanning in args.choice: | |
281 | if not scanning == "all": | |
282 | action = scanning+"_check" | |
283 | globals()[action](host,args.port) | |
284 | ||
285 | except KeyboardInterrupt: | |
286 | print("[+]Interrupting SSLcheck...") | |
287 | exit(1) | |
288 | ||
289 | #-----------------------------------XML_Export-----------------------------------# | |
290 | if args.xmloutput: | |
291 | tree = ET.ElementTree(root) | |
292 | try: | |
293 | fo = open(args.xmloutput, "w") | |
294 | tree.write(fo) | |
295 | fo.close() | |
296 | except IOError: | |
297 | sys.exit('\033[0;41m[+]XML export failed.\033[0m') | |
298 | #-----------------------------------XML_Export-----------------------------------# | |
299 | # I'm Py3⏎ |
0 | #!/usr/bin/env python | |
1 | # -*- coding: utf-8 -*- | |
2 | ''' | |
3 | Faraday Penetration Test IDE | |
4 | Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/) | |
5 | See the file 'doc/LICENSE' for the license information | |
6 | ||
7 | ''' | |
8 | ||
9 | import subprocess | |
10 | import argparse | |
11 | from lxml import etree as ET | |
12 | import os.path | |
13 | from os.path import basename | |
14 | import re | |
15 | ||
16 | from wcscans import phpini, webconfig | |
17 | ||
18 | def is_valid_address(parser,arg): | |
19 | if re.match(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$",arg): | |
20 | return arg | |
21 | else: | |
22 | parser.error('{} is not a valid address!'.format(arg)) | |
23 | ||
24 | def are_valid_files(parser,*args): | |
25 | for arg in args: | |
26 | return is_valid_file(parser, arg) | |
27 | ||
28 | def is_valid_file(parser, arg): | |
29 | if not os.path.isfile(arg): | |
30 | parser.error('{} does not exist!'.format(arg)) | |
31 | else: | |
32 | try: | |
33 | if re.search("XML",subprocess.check_output("file {}".format(arg), | |
34 | shell=True, | |
35 | stdin=subprocess.PIPE, | |
36 | stderr=subprocess.PIPE)): | |
37 | if not os.path.isfile("wcscans/DotNetConfig.xsd"): | |
38 | parser.error("DotNetConfig.xsd is missing, cannot validate the web.config".format(arg)) | |
39 | else: | |
40 | f = open("wcscans/DotNetConfig.xsd","r") | |
41 | webconfig_schema = ET.XMLSchema(ET.parse(f)) | |
42 | webconfig_schema.validate(ET.parse(arg)) | |
43 | ||
44 | if re.search("\.ini$",arg): | |
45 | pass | |
46 | ||
47 | return arg | |
48 | except ET.ParseError: | |
49 | parser.error("{} is not a valid file!".format(arg)) | |
50 | ||
51 | parser = argparse.ArgumentParser(prog='Wcscan') | |
52 | parser.add_argument('files', nargs='+', | |
53 | type=lambda *args: are_valid_files(parser,*args), | |
54 | help='''configuration files as inputs, | |
55 | separated by a space. | |
56 | currently supported: | |
57 | php.ini and web.config''') | |
58 | parser.add_argument('-r', action='store_true', dest='recmode', | |
59 | help='enable the recommendation mode') | |
60 | parser.add_argument('-host', action='store', | |
61 | type=lambda arg: is_valid_address(parser,arg), | |
62 | dest='host', default="127.0.0.1", | |
63 | help='to give the IP address of the conf file owner') | |
64 | parser.add_argument('-port', action='store', type=int, | |
65 | dest='port', default="80", | |
66 | help='to give a associated port') | |
67 | parser.add_argument('--xml', action='store', type=str, dest='xmloutput', | |
68 | help='enabled the XML output in a specified file') | |
69 | parser.add_argument('--version', "-v", action='version', | |
70 | version='%(prog)s v1.0 by Morgan Lemarechal') | |
71 | args = parser.parse_args() | |
72 | ||
73 | print (basename("/a/b/c.txt")) | |
74 | print ("""\033[0;33m | |
75 | __ __ | |
76 | \ \ /\ / /__ ___ ___ __ _ _ __ | |
77 | \ \/ \/ / __/ __|/ __/ _` | '_ \ | |
78 | \ /\ / (__\__ \ (_| (_| | | | | | |
79 | \/ \/ \___|___/\___\__,_|_| |_| | |
80 | Version v1.0: November 2014 | |
81 | Morgan Lemarechal\033[0m""") | |
82 | ||
83 | if args.xmloutput: | |
84 | root = ET.Element("wcscan") | |
85 | else: | |
86 | scan = None | |
87 | ||
88 | for file in args.files: | |
89 | try: | |
90 | print("\n[+]Perfoming the scan of \033[1;30m{}\033[0m...".format(file)) | |
91 | ||
92 | #------------------------------XML_Export------------------------------# | |
93 | if args.xmloutput: | |
94 | scan = ET.SubElement(root, "scan") | |
95 | scan.set('file',basename(file)) | |
96 | scan.set('host',args.host) | |
97 | scan.set('port',str(args.port)) | |
98 | #------------------------------XML_Export------------------------------# | |
99 | ||
100 | if re.search("XML",subprocess.check_output("file {}".format(file), | |
101 | shell=True, | |
102 | stdin=subprocess.PIPE, | |
103 | stderr=subprocess.PIPE)): | |
104 | #------------------------------XML_Export------------------------------# | |
105 | if args.xmloutput: | |
106 | scan.set('type','webconfig') | |
107 | #------------------------------XML_Export------------------------------# | |
108 | webconfig.scanner(file,args.recmode,scan) | |
109 | ||
110 | if re.search("\.ini$",file): | |
111 | #------------------------------XML_Export------------------------------# | |
112 | if args.xmloutput: | |
113 | scan.set('type','phpini') | |
114 | #------------------------------XML_Export------------------------------# | |
115 | phpini.scanner(file,args.recmode,scan) | |
116 | ||
117 | #------------------------------XML_Export------------------------------# | |
118 | if args.xmloutput: | |
119 | tree = ET.ElementTree(root) | |
120 | try: | |
121 | fo = open(args.xmloutput, "w") | |
122 | tree.write(fo) | |
123 | fo.close() | |
124 | except IOError: | |
125 | sys.exit('\033[0;41m[+]XML export failed.\033[0m') | |
126 | #------------------------------XML_Export------------------------------# | |
127 | ||
128 | except KeyboardInterrupt: | |
129 | print("\n[+]Interrupting the checking of \033[1;30m{}\033[0m...".format(file)) | |
130 | # I'm Py3⏎ |
0 | <?xml version="1.0" encoding="us-ascii"?> | |
1 | <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:vs="http://schemas.microsoft.com/Visual-Studio-Intellisense" elementFormDefault="qualified" attributeFormDefault="unqualified" vs:helpNamespace="http://schemas.microsoft.com/.NetConfiguration/v2.0"> | |
2 | <xs:element name="configuration"> | |
3 | <xs:complexType> | |
4 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
5 | <xs:any namespace="##any" processContents="lax" /> | |
6 | </xs:choice> | |
7 | </xs:complexType> | |
8 | </xs:element> | |
9 | <xs:element name="location"> | |
10 | <xs:complexType> | |
11 | <xs:choice> | |
12 | <xs:any namespace="##any" processContents="lax" /> | |
13 | </xs:choice> | |
14 | <xs:attribute name="path" type="xs:string" use="optional" /> | |
15 | <xs:attribute name="allowOverride" type="small_boolean_Type" use="optional" /> | |
16 | </xs:complexType> | |
17 | </xs:element> | |
18 | <xs:element name="configSections" type="configSections_type" /> | |
19 | <xs:complexType name="configSectionGroup_type"> | |
20 | <xs:choice> | |
21 | <xs:group ref="configTypeDefinition" maxOccurs="unbounded" /> | |
22 | </xs:choice> | |
23 | <xs:attribute name="name" type="xs:string" use="required" /> | |
24 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
25 | </xs:complexType> | |
26 | <xs:complexType name="configSections_type"> | |
27 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
28 | <xs:group ref="configTypeDefinition" minOccurs="0" maxOccurs="unbounded" /> | |
29 | </xs:choice> | |
30 | </xs:complexType> | |
31 | <xs:group name="configTypeDefinition"> | |
32 | <xs:choice> | |
33 | <xs:element name="section" type="configSection_section" minOccurs="0" maxOccurs="unbounded" /> | |
34 | <xs:element name="sectionGroup" type="configSectionGroup_type" minOccurs="0" maxOccurs="unbounded" /> | |
35 | </xs:choice> | |
36 | </xs:group> | |
37 | <xs:complexType name="configSection_section"> | |
38 | <xs:attribute name="name" type="xs:string" use="required" /> | |
39 | <xs:attribute name="type" type="xs:string" use="required" /> | |
40 | <xs:attribute name="requirePermission" type="boolean_Type" use="optional" /> | |
41 | <xs:attribute name="allowLocation" type="boolean_Type" use="optional" /> | |
42 | <xs:attribute name="allowOverride" type="boolean_Type" use="optional" /> | |
43 | <xs:attribute name="restartOnExternalChanges" type="boolean_Type" use="optional" /> | |
44 | <xs:attribute name="allowDefinition" use="optional"> | |
45 | <xs:simpleType> | |
46 | <xs:restriction base="xs:string"> | |
47 | <xs:enumeration value="MachineToWebRoot" /> | |
48 | <xs:enumeration value="MachineToApplication" /> | |
49 | <xs:enumeration value="MachineOnly" /> | |
50 | <xs:enumeration value="Everywhere" /> | |
51 | </xs:restriction> | |
52 | </xs:simpleType> | |
53 | </xs:attribute> | |
54 | <xs:attribute name="allowExeDefinition" use="optional"> | |
55 | <xs:simpleType> | |
56 | <xs:restriction base="xs:string"> | |
57 | <xs:enumeration value="MachineOnly" /> | |
58 | <xs:enumeration value="MachineToApplication" /> | |
59 | <xs:enumeration value="MachineToLocalUser" /> | |
60 | <xs:enumeration value="MachineToRoamingUser" /> | |
61 | </xs:restriction> | |
62 | </xs:simpleType> | |
63 | </xs:attribute> | |
64 | </xs:complexType> | |
65 | <xs:simpleType name="Infinite_or_int"> | |
66 | <xs:union memberTypes="Infinite xs:int" /> | |
67 | </xs:simpleType> | |
68 | <xs:simpleType name="Infinite"> | |
69 | <xs:restriction base="xs:string"> | |
70 | <xs:enumeration value="Infinite" /> | |
71 | </xs:restriction> | |
72 | </xs:simpleType> | |
73 | <xs:simpleType name="small_boolean_Type"> | |
74 | <xs:restriction base="xs:NMTOKEN"> | |
75 | <xs:enumeration value="false" /> | |
76 | <xs:enumeration value="true" /> | |
77 | </xs:restriction> | |
78 | </xs:simpleType> | |
79 | <xs:simpleType name="boolean_Type"> | |
80 | <xs:restriction base="xs:NMTOKEN"> | |
81 | <xs:enumeration value="false" /> | |
82 | <xs:enumeration value="true" /> | |
83 | <xs:enumeration value="True" /> | |
84 | <xs:enumeration value="False" /> | |
85 | </xs:restriction> | |
86 | </xs:simpleType> | |
87 | <xs:element name="appSettings" vs:help="configuration/appSettings"> | |
88 | <xs:complexType> | |
89 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
90 | <xs:element name="add" vs:help="configuration/appSettings/add"> | |
91 | <xs:complexType> | |
92 | <xs:attribute name="key" type="xs:string" use="optional" /> | |
93 | <xs:attribute name="value" type="xs:string" use="optional" /> | |
94 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
95 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
96 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
97 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
98 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
99 | </xs:complexType> | |
100 | </xs:element> | |
101 | <xs:element name="remove" vs:help="configuration/appSettings/remove"> | |
102 | <xs:complexType> | |
103 | <xs:attribute name="key" type="xs:string" use="optional" /> | |
104 | </xs:complexType> | |
105 | </xs:element> | |
106 | <xs:element name="clear" vs:help="configuration/appSettings/clear"> | |
107 | <xs:complexType> | |
108 | <!--tag is empty--> | |
109 | </xs:complexType> | |
110 | </xs:element> | |
111 | </xs:choice> | |
112 | <xs:attribute name="file" type="xs:string" use="optional" /> | |
113 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
114 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
115 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
116 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
117 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
118 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
119 | </xs:complexType> | |
120 | </xs:element> | |
121 | <xs:element name="assemblyBinding" vs:help="configuration/assemblyBinding" /> | |
122 | <xs:element name="configProtectedData" vs:help="configuration/configProtectedData"> | |
123 | <xs:complexType> | |
124 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
125 | <xs:element name="providers" vs:help="configuration/configProtectedData/providers"> | |
126 | <xs:complexType> | |
127 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
128 | <xs:element name="add" vs:help="configuration/configProtectedData/providers/add"> | |
129 | <xs:complexType> | |
130 | <xs:attribute name="name" type="xs:string" use="required" /> | |
131 | <xs:attribute name="type" type="xs:string" use="required" /> | |
132 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
133 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
134 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
135 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
136 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
137 | </xs:complexType> | |
138 | </xs:element> | |
139 | <xs:element name="remove" vs:help="configuration/configProtectedData/providers/remove"> | |
140 | <xs:complexType> | |
141 | <xs:attribute name="name" type="xs:string" use="required" /> | |
142 | </xs:complexType> | |
143 | </xs:element> | |
144 | <xs:element name="clear" vs:help="configuration/configProtectedData/providers/clear"> | |
145 | <xs:complexType> | |
146 | <!--tag is empty--> | |
147 | </xs:complexType> | |
148 | </xs:element> | |
149 | </xs:choice> | |
150 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
151 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
152 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
153 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
154 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
155 | </xs:complexType> | |
156 | </xs:element> | |
157 | </xs:choice> | |
158 | <xs:attribute name="defaultProvider" type="xs:string" use="optional" /> | |
159 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
160 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
161 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
162 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
163 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
164 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
165 | </xs:complexType> | |
166 | </xs:element> | |
167 | <xs:element name="connectionStrings" vs:help="configuration/connectionStrings"> | |
168 | <xs:complexType> | |
169 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
170 | <xs:element name="add" vs:help="configuration/connectionStrings/add"> | |
171 | <xs:complexType> | |
172 | <xs:attribute name="connectionString" type="xs:string" use="required" /> | |
173 | <xs:attribute name="name" type="xs:string" use="required" /> | |
174 | <xs:attribute name="providerName" type="xs:string" use="optional" /> | |
175 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
176 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
177 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
178 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
179 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
180 | </xs:complexType> | |
181 | </xs:element> | |
182 | <xs:element name="remove" vs:help="configuration/connectionStrings/remove"> | |
183 | <xs:complexType> | |
184 | <xs:attribute name="name" type="xs:string" use="required" /> | |
185 | </xs:complexType> | |
186 | </xs:element> | |
187 | <xs:element name="clear" vs:help="configuration/connectionStrings/clear"> | |
188 | <xs:complexType> | |
189 | <!--tag is empty--> | |
190 | </xs:complexType> | |
191 | </xs:element> | |
192 | </xs:choice> | |
193 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
194 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
195 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
196 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
197 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
198 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
199 | </xs:complexType> | |
200 | </xs:element> | |
201 | <xs:element name="mscorlib" vs:help="configuration/mscorlib" /> | |
202 | <xs:element name="runtime" vs:help="configuration/runtime"> | |
203 | <xs:complexType> | |
204 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
205 | <xs:any namespace="##any" processContents="skip" /> | |
206 | </xs:choice> | |
207 | <xs:anyAttribute processContents="skip" /> | |
208 | </xs:complexType> | |
209 | </xs:element> | |
210 | <xs:element name="satelliteassemblies" vs:help="configuration/satelliteassemblies" /> | |
211 | <xs:element name="startup" vs:help="configuration/startup" /> | |
212 | <xs:element name="system.codedom" vs:help="configuration/system.codedom" /> | |
213 | <xs:element name="system.data" vs:help="configuration/system.data"> | |
214 | <xs:complexType> | |
215 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
216 | <xs:any namespace="##any" processContents="skip" /> | |
217 | </xs:choice> | |
218 | </xs:complexType> | |
219 | </xs:element> | |
220 | <xs:element name="system.data.dataset" vs:help="configuration/system.data.dataset" /> | |
221 | <xs:element name="system.data.odbc" vs:help="configuration/system.data.odbc" /> | |
222 | <xs:element name="system.data.oledb" vs:help="configuration/system.data.oledb" /> | |
223 | <xs:element name="system.data.oracleclient" vs:help="configuration/system.data.oracleclient" /> | |
224 | <xs:element name="system.data.sqlclient" vs:help="configuration/system.data.sqlclient" /> | |
225 | <xs:element name="system.diagnostics" vs:help="configuration/system.diagnostics"> | |
226 | <xs:complexType> | |
227 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
228 | <xs:element name="assert" vs:help="configuration/system.diagnostics/assert"> | |
229 | <xs:complexType> | |
230 | <xs:attribute name="assertuienabled" type="small_boolean_Type" use="optional" /> | |
231 | <xs:attribute name="logfilename" type="xs:string" use="optional" /> | |
232 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
233 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
234 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
235 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
236 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
237 | </xs:complexType> | |
238 | </xs:element> | |
239 | <xs:element name="performanceCounters" vs:help="configuration/system.diagnostics/performanceCounters"> | |
240 | <xs:complexType> | |
241 | <xs:attribute name="filemappingsize" type="xs:int" use="optional" /> | |
242 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
243 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
244 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
245 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
246 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
247 | </xs:complexType> | |
248 | </xs:element> | |
249 | <xs:element name="sharedListeners" vs:help="configuration/system.diagnostics/sharedListeners"> | |
250 | <xs:complexType> | |
251 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
252 | <xs:element name="add" vs:help="configuration/system.diagnostics/sharedListeners/add"> | |
253 | <xs:complexType> | |
254 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
255 | <xs:element name="filter" vs:help="configuration/system.diagnostics/sharedListeners/ListenerElement/filter"> | |
256 | <xs:complexType> | |
257 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
258 | <xs:attribute name="type" type="xs:string" use="required" /> | |
259 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
260 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
261 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
262 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
263 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
264 | </xs:complexType> | |
265 | </xs:element> | |
266 | </xs:choice> | |
267 | <xs:attribute name="name" type="xs:string" use="required" /> | |
268 | <xs:attribute name="traceOutputOptions" use="optional"> | |
269 | <xs:simpleType> | |
270 | <xs:restriction base="xs:NMTOKEN"> | |
271 | <xs:enumeration value="Callstack" /> | |
272 | <xs:enumeration value="DateTime" /> | |
273 | <xs:enumeration value="LogicalOperationStack" /> | |
274 | <xs:enumeration value="None" /> | |
275 | <xs:enumeration value="ProcessId" /> | |
276 | <xs:enumeration value="ThreadId" /> | |
277 | <xs:enumeration value="Timestamp" /> | |
278 | </xs:restriction> | |
279 | </xs:simpleType> | |
280 | </xs:attribute> | |
281 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
282 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
283 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
284 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
285 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
286 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
287 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
288 | </xs:complexType> | |
289 | </xs:element> | |
290 | <xs:element name="remove" vs:help="configuration/system.diagnostics/sharedListeners/remove"> | |
291 | <xs:complexType> | |
292 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
293 | <xs:element name="filter" vs:help="configuration/system.diagnostics/sharedListeners/ListenerElement/filter"> | |
294 | <xs:complexType> | |
295 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
296 | <xs:attribute name="type" type="xs:string" use="required" /> | |
297 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
298 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
299 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
300 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
301 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
302 | </xs:complexType> | |
303 | </xs:element> | |
304 | </xs:choice> | |
305 | <xs:attribute name="name" type="xs:string" use="required" /> | |
306 | </xs:complexType> | |
307 | </xs:element> | |
308 | </xs:choice> | |
309 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
310 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
311 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
312 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
313 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
314 | </xs:complexType> | |
315 | </xs:element> | |
316 | <xs:element name="sources" vs:help="configuration/system.diagnostics/sources"> | |
317 | <xs:complexType> | |
318 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
319 | <xs:element name="source" vs:help="configuration/system.diagnostics/sources/source"> | |
320 | <xs:complexType> | |
321 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
322 | <xs:element name="listeners" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners"> | |
323 | <xs:complexType> | |
324 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
325 | <xs:element name="add" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/add"> | |
326 | <xs:complexType> | |
327 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
328 | <xs:element name="filter" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/ListenerElement/filter"> | |
329 | <xs:complexType> | |
330 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
331 | <xs:attribute name="type" type="xs:string" use="required" /> | |
332 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
333 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
334 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
335 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
336 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
337 | </xs:complexType> | |
338 | </xs:element> | |
339 | </xs:choice> | |
340 | <xs:attribute name="name" type="xs:string" use="required" /> | |
341 | <xs:attribute name="traceOutputOptions" use="optional"> | |
342 | <xs:simpleType> | |
343 | <xs:restriction base="xs:NMTOKEN"> | |
344 | <xs:enumeration value="Callstack" /> | |
345 | <xs:enumeration value="DateTime" /> | |
346 | <xs:enumeration value="LogicalOperationStack" /> | |
347 | <xs:enumeration value="None" /> | |
348 | <xs:enumeration value="ProcessId" /> | |
349 | <xs:enumeration value="ThreadId" /> | |
350 | <xs:enumeration value="Timestamp" /> | |
351 | </xs:restriction> | |
352 | </xs:simpleType> | |
353 | </xs:attribute> | |
354 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
355 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
356 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
357 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
358 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
359 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
360 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
361 | </xs:complexType> | |
362 | </xs:element> | |
363 | <xs:element name="remove" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/remove"> | |
364 | <xs:complexType> | |
365 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
366 | <xs:element name="filter" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/ListenerElement/filter"> | |
367 | <xs:complexType> | |
368 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
369 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
370 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
371 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
372 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
373 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
374 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
375 | </xs:complexType> | |
376 | </xs:element> | |
377 | </xs:choice> | |
378 | <xs:attribute name="name" type="xs:string" use="required" /> | |
379 | </xs:complexType> | |
380 | </xs:element> | |
381 | </xs:choice> | |
382 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
383 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
384 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
385 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
386 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
387 | </xs:complexType> | |
388 | </xs:element> | |
389 | </xs:choice> | |
390 | <xs:attribute name="name" type="xs:string" use="required" /> | |
391 | <xs:attribute name="switchName" type="xs:string" use="optional" /> | |
392 | <xs:attribute name="switchType" type="xs:string" use="optional" /> | |
393 | <xs:attribute name="switchValue" type="xs:string" use="optional" /> | |
394 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
395 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
396 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
397 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
398 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
399 | </xs:complexType> | |
400 | </xs:element> | |
401 | </xs:choice> | |
402 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
403 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
404 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
405 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
406 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
407 | </xs:complexType> | |
408 | </xs:element> | |
409 | <xs:element name="switches" vs:help="configuration/system.diagnostics/switches"> | |
410 | <xs:complexType> | |
411 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
412 | <xs:element name="add" vs:help="configuration/system.diagnostics/switches/add"> | |
413 | <xs:complexType> | |
414 | <xs:attribute name="name" type="xs:string" use="required" /> | |
415 | <xs:attribute name="value" type="xs:string" use="required" /> | |
416 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
417 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
418 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
419 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
420 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
421 | </xs:complexType> | |
422 | </xs:element> | |
423 | <xs:element name="remove" vs:help="configuration/system.diagnostics/switches/remove"> | |
424 | <xs:complexType> | |
425 | <xs:attribute name="name" type="xs:string" use="required" /> | |
426 | </xs:complexType> | |
427 | </xs:element> | |
428 | <xs:element name="clear" vs:help="configuration/system.diagnostics/switches/clear"> | |
429 | <xs:complexType> | |
430 | <!--tag is empty--> | |
431 | </xs:complexType> | |
432 | </xs:element> | |
433 | </xs:choice> | |
434 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
435 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
436 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
437 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
438 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
439 | </xs:complexType> | |
440 | </xs:element> | |
441 | <xs:element name="trace" vs:help="configuration/system.diagnostics/trace"> | |
442 | <xs:complexType> | |
443 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
444 | <xs:element name="listeners" vs:help="configuration/system.diagnostics/trace/listeners"> | |
445 | <xs:complexType> | |
446 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
447 | <xs:element name="add" vs:help="configuration/system.diagnostics/trace/listeners/add"> | |
448 | <xs:complexType> | |
449 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
450 | <xs:element name="filter" vs:help="configuration/system.diagnostics/trace/listeners/ListenerElement/filter"> | |
451 | <xs:complexType> | |
452 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
453 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
454 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
455 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
456 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
457 | </xs:complexType> | |
458 | </xs:element> | |
459 | </xs:choice> | |
460 | <xs:attribute name="name" type="xs:string" use="required" /> | |
461 | <xs:attribute name="traceOutputOptions" use="optional"> | |
462 | <xs:simpleType> | |
463 | <xs:restriction base="xs:NMTOKEN"> | |
464 | <xs:enumeration value="Callstack" /> | |
465 | <xs:enumeration value="DateTime" /> | |
466 | <xs:enumeration value="LogicalOperationStack" /> | |
467 | <xs:enumeration value="None" /> | |
468 | <xs:enumeration value="ProcessId" /> | |
469 | <xs:enumeration value="ThreadId" /> | |
470 | <xs:enumeration value="Timestamp" /> | |
471 | </xs:restriction> | |
472 | </xs:simpleType> | |
473 | </xs:attribute> | |
474 | <xs:attribute name="initializeData" type="xs:string" use="optional" /> | |
475 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
476 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
477 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
478 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
479 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
480 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
481 | </xs:complexType> | |
482 | </xs:element> | |
483 | <xs:element name="remove" vs:help="configuration/system.diagnostics/trace/listeners/remove"> | |
484 | <xs:complexType> | |
485 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
486 | <xs:element name="filter" vs:help="configuration/system.diagnostics/trace/listeners/ListenerElement/filter"> | |
487 | <xs:complexType> | |
488 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
489 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
490 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
491 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
492 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
493 | </xs:complexType> | |
494 | </xs:element> | |
495 | </xs:choice> | |
496 | <xs:attribute name="name" type="xs:string" use="required" /> | |
497 | </xs:complexType> | |
498 | </xs:element> | |
499 | <xs:element name="clear" vs:help="configuration/system.diagnostics/trace/listeners/clear"> | |
500 | <xs:complexType> | |
501 | <!--tag is empty--> | |
502 | </xs:complexType> | |
503 | </xs:element> | |
504 | </xs:choice> | |
505 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
506 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
507 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
508 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
509 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
510 | </xs:complexType> | |
511 | </xs:element> | |
512 | </xs:choice> | |
513 | <xs:attribute name="autoflush" type="small_boolean_Type" use="optional" /> | |
514 | <xs:attribute name="indentsize" type="xs:int" use="optional" /> | |
515 | <xs:attribute name="useGlobalLock" type="small_boolean_Type" use="optional" /> | |
516 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
517 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
518 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
519 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
520 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
521 | </xs:complexType> | |
522 | </xs:element> | |
523 | </xs:choice> | |
524 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
525 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
526 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
527 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
528 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
529 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
530 | </xs:complexType> | |
531 | </xs:element> | |
532 | <xs:element name="system.runtime.remoting" vs:help="configuration/system.runtime.remoting" /> | |
533 | <xs:element name="system.webServer" vs:help="configuration/system.webServer" /> | |
534 | <xs:element name="system.windows.forms" vs:help="configuration/system.windows.forms"> | |
535 | <xs:complexType> | |
536 | <xs:attribute name="jitDebugging" type="small_boolean_Type" use="optional" /> | |
537 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
538 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
539 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
540 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
541 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
542 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
543 | </xs:complexType> | |
544 | </xs:element> | |
545 | <xs:element name="windows" vs:help="configuration/windows" /> | |
546 | <xs:element name="system.net" vs:help="configuration/system.net"> | |
547 | <xs:complexType> | |
548 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
549 | <xs:element name="authenticationModules" vs:help="configuration/system.net/authenticationModules"> | |
550 | <xs:complexType> | |
551 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
552 | <xs:element name="add" vs:help="configuration/system.net/authenticationModules/add"> | |
553 | <xs:complexType> | |
554 | <xs:attribute name="type" type="xs:string" use="required" /> | |
555 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
556 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
557 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
558 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
559 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
560 | </xs:complexType> | |
561 | </xs:element> | |
562 | <xs:element name="remove" vs:help="configuration/system.net/authenticationModules/remove"> | |
563 | <xs:complexType> | |
564 | <xs:attribute name="type" type="xs:string" use="required" /> | |
565 | </xs:complexType> | |
566 | </xs:element> | |
567 | <xs:element name="clear" vs:help="configuration/system.net/authenticationModules/clear"> | |
568 | <xs:complexType> | |
569 | <!--tag is empty--> | |
570 | </xs:complexType> | |
571 | </xs:element> | |
572 | </xs:choice> | |
573 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
574 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
575 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
576 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
577 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
578 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
579 | </xs:complexType> | |
580 | </xs:element> | |
581 | <xs:element name="connectionManagement" vs:help="configuration/system.net/connectionManagement"> | |
582 | <xs:complexType> | |
583 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
584 | <xs:element name="add" vs:help="configuration/system.net/connectionManagement/add"> | |
585 | <xs:complexType> | |
586 | <xs:attribute name="address" type="xs:string" use="required" /> | |
587 | <xs:attribute name="maxconnection" type="xs:int" use="required" /> | |
588 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
589 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
590 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
591 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
592 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
593 | </xs:complexType> | |
594 | </xs:element> | |
595 | <xs:element name="remove" vs:help="configuration/system.net/connectionManagement/remove"> | |
596 | <xs:complexType> | |
597 | <xs:attribute name="address" type="xs:string" use="required" /> | |
598 | </xs:complexType> | |
599 | </xs:element> | |
600 | <xs:element name="clear" vs:help="configuration/system.net/connectionManagement/clear"> | |
601 | <xs:complexType> | |
602 | <!--tag is empty--> | |
603 | </xs:complexType> | |
604 | </xs:element> | |
605 | </xs:choice> | |
606 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
607 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
608 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
609 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
610 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
611 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
612 | </xs:complexType> | |
613 | </xs:element> | |
614 | <xs:element name="defaultProxy" vs:help="configuration/system.net/defaultProxy"> | |
615 | <xs:complexType> | |
616 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
617 | <xs:element name="bypasslist" vs:help="configuration/system.net/defaultProxy/bypasslist"> | |
618 | <xs:complexType> | |
619 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
620 | <xs:element name="add" vs:help="configuration/system.net/defaultProxy/bypasslist/add"> | |
621 | <xs:complexType> | |
622 | <xs:attribute name="address" type="xs:string" use="required" /> | |
623 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
624 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
625 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
626 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
627 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
628 | </xs:complexType> | |
629 | </xs:element> | |
630 | <xs:element name="remove" vs:help="configuration/system.net/defaultProxy/bypasslist/remove"> | |
631 | <xs:complexType> | |
632 | <xs:attribute name="address" type="xs:string" use="required" /> | |
633 | </xs:complexType> | |
634 | </xs:element> | |
635 | <xs:element name="clear" vs:help="configuration/system.net/defaultProxy/bypasslist/clear"> | |
636 | <xs:complexType> | |
637 | <!--tag is empty--> | |
638 | </xs:complexType> | |
639 | </xs:element> | |
640 | </xs:choice> | |
641 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
642 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
643 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
644 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
645 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
646 | </xs:complexType> | |
647 | </xs:element> | |
648 | <xs:element name="module" vs:help="configuration/system.net/defaultProxy/module"> | |
649 | <xs:complexType> | |
650 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
651 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
652 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
653 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
654 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
655 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
656 | </xs:complexType> | |
657 | </xs:element> | |
658 | <xs:element name="proxy" vs:help="configuration/system.net/defaultProxy/proxy"> | |
659 | <xs:complexType> | |
660 | <xs:attribute name="autoDetect" use="optional"> | |
661 | <xs:simpleType> | |
662 | <xs:restriction base="xs:NMTOKEN"> | |
663 | <xs:enumeration value="False" /> | |
664 | <xs:enumeration value="True" /> | |
665 | <xs:enumeration value="Unspecified" /> | |
666 | </xs:restriction> | |
667 | </xs:simpleType> | |
668 | </xs:attribute> | |
669 | <xs:attribute name="bypassonlocal" use="optional"> | |
670 | <xs:simpleType> | |
671 | <xs:restriction base="xs:NMTOKEN"> | |
672 | <xs:enumeration value="False" /> | |
673 | <xs:enumeration value="True" /> | |
674 | <xs:enumeration value="Unspecified" /> | |
675 | </xs:restriction> | |
676 | </xs:simpleType> | |
677 | </xs:attribute> | |
678 | <xs:attribute name="proxyaddress" type="xs:string" use="optional" /> | |
679 | <xs:attribute name="scriptLocation" type="xs:string" use="optional" /> | |
680 | <xs:attribute name="usesystemdefault" use="optional"> | |
681 | <xs:simpleType> | |
682 | <xs:restriction base="xs:NMTOKEN"> | |
683 | <xs:enumeration value="False" /> | |
684 | <xs:enumeration value="True" /> | |
685 | <xs:enumeration value="Unspecified" /> | |
686 | </xs:restriction> | |
687 | </xs:simpleType> | |
688 | </xs:attribute> | |
689 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
690 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
691 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
692 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
693 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
694 | </xs:complexType> | |
695 | </xs:element> | |
696 | </xs:choice> | |
697 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
698 | <xs:attribute name="useDefaultCredentials" type="small_boolean_Type" use="optional" /> | |
699 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
700 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
701 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
702 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
703 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
704 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
705 | </xs:complexType> | |
706 | </xs:element> | |
707 | <xs:element name="requestCaching" vs:help="configuration/system.net/requestCaching"> | |
708 | <xs:complexType> | |
709 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
710 | <xs:element name="defaultFtpCachePolicy" vs:help="configuration/system.net/requestCaching/defaultFtpCachePolicy"> | |
711 | <xs:complexType> | |
712 | <xs:attribute name="policyLevel" use="optional"> | |
713 | <xs:simpleType> | |
714 | <xs:restriction base="xs:NMTOKEN"> | |
715 | <xs:enumeration value="BypassCache" /> | |
716 | <xs:enumeration value="CacheIfAvailable" /> | |
717 | <xs:enumeration value="CacheOnly" /> | |
718 | <xs:enumeration value="Default" /> | |
719 | <xs:enumeration value="NoCacheNoStore" /> | |
720 | <xs:enumeration value="Reload" /> | |
721 | <xs:enumeration value="Revalidate" /> | |
722 | </xs:restriction> | |
723 | </xs:simpleType> | |
724 | </xs:attribute> | |
725 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
726 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
727 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
728 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
729 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
730 | </xs:complexType> | |
731 | </xs:element> | |
732 | <xs:element name="defaultHttpCachePolicy" vs:help="configuration/system.net/requestCaching/defaultHttpCachePolicy"> | |
733 | <xs:complexType> | |
734 | <xs:attribute name="maximumAge" type="xs:string" use="optional" /> | |
735 | <xs:attribute name="maximumStale" type="xs:string" use="optional" /> | |
736 | <xs:attribute name="minimumFresh" type="xs:string" use="optional" /> | |
737 | <xs:attribute name="policyLevel" use="required"> | |
738 | <xs:simpleType> | |
739 | <xs:restriction base="xs:NMTOKEN"> | |
740 | <xs:enumeration value="BypassCache" /> | |
741 | <xs:enumeration value="CacheIfAvailable" /> | |
742 | <xs:enumeration value="CacheOnly" /> | |
743 | <xs:enumeration value="CacheOrNextCacheOnly" /> | |
744 | <xs:enumeration value="Default" /> | |
745 | <xs:enumeration value="NoCacheNoStore" /> | |
746 | <xs:enumeration value="Refresh" /> | |
747 | <xs:enumeration value="Reload" /> | |
748 | <xs:enumeration value="Revalidate" /> | |
749 | </xs:restriction> | |
750 | </xs:simpleType> | |
751 | </xs:attribute> | |
752 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
753 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
754 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
755 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
756 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
757 | </xs:complexType> | |
758 | </xs:element> | |
759 | </xs:choice> | |
760 | <xs:attribute name="defaultPolicyLevel" use="optional"> | |
761 | <xs:simpleType> | |
762 | <xs:restriction base="xs:NMTOKEN"> | |
763 | <xs:enumeration value="BypassCache" /> | |
764 | <xs:enumeration value="CacheIfAvailable" /> | |
765 | <xs:enumeration value="CacheOnly" /> | |
766 | <xs:enumeration value="Default" /> | |
767 | <xs:enumeration value="NoCacheNoStore" /> | |
768 | <xs:enumeration value="Reload" /> | |
769 | <xs:enumeration value="Revalidate" /> | |
770 | </xs:restriction> | |
771 | </xs:simpleType> | |
772 | </xs:attribute> | |
773 | <xs:attribute name="disableAllCaching" type="small_boolean_Type" use="optional" /> | |
774 | <xs:attribute name="isPrivateCache" type="small_boolean_Type" use="optional" /> | |
775 | <xs:attribute name="unspecifiedMaximumAge" type="xs:string" use="optional" /> | |
776 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
777 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
778 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
779 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
780 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
781 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
782 | </xs:complexType> | |
783 | </xs:element> | |
784 | <xs:element name="settings" vs:help="configuration/system.net/settings"> | |
785 | <xs:complexType> | |
786 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
787 | <xs:element name="httpWebRequest" vs:help="configuration/system.net/settings/httpWebRequest"> | |
788 | <xs:complexType> | |
789 | <xs:attribute name="maximumErrorResponseLength" type="xs:int" use="optional" /> | |
790 | <xs:attribute name="maximumResponseHeadersLength" type="xs:int" use="optional" /> | |
791 | <xs:attribute name="maximumUnauthorizedUploadLength" type="xs:int" use="optional" /> | |
792 | <xs:attribute name="useUnsafeHeaderParsing" type="small_boolean_Type" use="optional" /> | |
793 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
794 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
795 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
796 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
797 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
798 | </xs:complexType> | |
799 | </xs:element> | |
800 | <xs:element name="ipv6" vs:help="configuration/system.net/settings/ipv6"> | |
801 | <xs:complexType> | |
802 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
803 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
804 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
805 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
806 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
807 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
808 | </xs:complexType> | |
809 | </xs:element> | |
810 | <xs:element name="performanceCounters" vs:help="configuration/system.net/settings/performanceCounters"> | |
811 | <xs:complexType> | |
812 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
813 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
814 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
815 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
816 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
817 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
818 | </xs:complexType> | |
819 | </xs:element> | |
820 | <xs:element name="servicePointManager" vs:help="configuration/system.net/settings/servicePointManager"> | |
821 | <xs:complexType> | |
822 | <xs:attribute name="checkCertificateName" type="small_boolean_Type" use="optional" /> | |
823 | <xs:attribute name="checkCertificateRevocationList" type="small_boolean_Type" use="optional" /> | |
824 | <xs:attribute name="dnsRefreshTimeout" type="xs:int" use="optional" /> | |
825 | <xs:attribute name="enableDnsRoundRobin" type="small_boolean_Type" use="optional" /> | |
826 | <xs:attribute name="expect100Continue" type="small_boolean_Type" use="optional" /> | |
827 | <xs:attribute name="useNagleAlgorithm" type="small_boolean_Type" use="optional" /> | |
828 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
829 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
830 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
831 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
832 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
833 | </xs:complexType> | |
834 | </xs:element> | |
835 | <xs:element name="socket" vs:help="configuration/system.net/settings/socket"> | |
836 | <xs:complexType> | |
837 | <xs:attribute name="alwaysUseCompletionPortsForAccept" type="small_boolean_Type" use="optional" /> | |
838 | <xs:attribute name="alwaysUseCompletionPortsForConnect" type="small_boolean_Type" use="optional" /> | |
839 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
840 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
841 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
842 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
843 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
844 | </xs:complexType> | |
845 | </xs:element> | |
846 | <xs:element name="webProxyScript" vs:help="configuration/system.net/settings/webProxyScript"> | |
847 | <xs:complexType> | |
848 | <xs:attribute name="downloadTimeout" type="xs:string" use="optional" /> | |
849 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
850 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
851 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
852 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
853 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
854 | </xs:complexType> | |
855 | </xs:element> | |
856 | </xs:choice> | |
857 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
858 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
859 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
860 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
861 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
862 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
863 | </xs:complexType> | |
864 | </xs:element> | |
865 | <xs:element name="webRequestModules" vs:help="configuration/system.net/webRequestModules"> | |
866 | <xs:complexType> | |
867 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
868 | <xs:element name="add" vs:help="configuration/system.net/webRequestModules/add"> | |
869 | <xs:complexType> | |
870 | <xs:attribute name="prefix" type="xs:string" use="required" /> | |
871 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
872 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
873 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
874 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
875 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
876 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
877 | </xs:complexType> | |
878 | </xs:element> | |
879 | <xs:element name="remove" vs:help="configuration/system.net/webRequestModules/remove"> | |
880 | <xs:complexType> | |
881 | <xs:attribute name="prefix" type="xs:string" use="required" /> | |
882 | </xs:complexType> | |
883 | </xs:element> | |
884 | <xs:element name="clear" vs:help="configuration/system.net/webRequestModules/clear"> | |
885 | <xs:complexType> | |
886 | <!--tag is empty--> | |
887 | </xs:complexType> | |
888 | </xs:element> | |
889 | </xs:choice> | |
890 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
891 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
892 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
893 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
894 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
895 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
896 | </xs:complexType> | |
897 | </xs:element> | |
898 | <xs:element name="mailSettings" vs:help="configuration/system.net/mailSettings"> | |
899 | <xs:complexType> | |
900 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
901 | <xs:element name="smtp" vs:help="configuration/system.net/mailSettings/smtp"> | |
902 | <xs:complexType> | |
903 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
904 | <xs:element name="network" vs:help="configuration/system.net/mailSettings/smtp/network"> | |
905 | <xs:complexType> | |
906 | <xs:attribute name="defaultCredentials" type="small_boolean_Type" use="optional" /> | |
907 | <xs:attribute name="host" type="xs:string" use="optional" /> | |
908 | <xs:attribute name="password" type="xs:string" use="optional" /> | |
909 | <xs:attribute name="port" type="xs:int" use="optional" /> | |
910 | <xs:attribute name="userName" type="xs:string" use="optional" /> | |
911 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
912 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
913 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
914 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
915 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
916 | </xs:complexType> | |
917 | </xs:element> | |
918 | <xs:element name="specifiedPickupDirectory" vs:help="configuration/system.net/mailSettings/smtp/specifiedPickupDirectory"> | |
919 | <xs:complexType> | |
920 | <xs:attribute name="pickupDirectoryLocation" type="xs:string" use="optional" /> | |
921 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
922 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
923 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
924 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
925 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
926 | </xs:complexType> | |
927 | </xs:element> | |
928 | </xs:choice> | |
929 | <xs:attribute name="deliveryMethod" use="optional"> | |
930 | <xs:simpleType> | |
931 | <xs:restriction base="xs:NMTOKEN"> | |
932 | <xs:enumeration value="Network" /> | |
933 | <xs:enumeration value="PickupDirectoryFromIis" /> | |
934 | <xs:enumeration value="SpecifiedPickupDirectory" /> | |
935 | </xs:restriction> | |
936 | </xs:simpleType> | |
937 | </xs:attribute> | |
938 | <xs:attribute name="from" type="xs:string" use="optional" /> | |
939 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
940 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
941 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
942 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
943 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
944 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
945 | </xs:complexType> | |
946 | </xs:element> | |
947 | </xs:choice> | |
948 | </xs:complexType> | |
949 | </xs:element> | |
950 | </xs:choice> | |
951 | </xs:complexType> | |
952 | </xs:element> | |
953 | <xs:element name="system.transactions" vs:help="configuration/system.transactions"> | |
954 | <xs:complexType> | |
955 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
956 | <xs:element name="defaultSettings" vs:help="configuration/system.transactions/defaultSettings"> | |
957 | <xs:complexType> | |
958 | <xs:attribute name="distributedTransactionManagerName" type="xs:string" use="optional" /> | |
959 | <xs:attribute name="timeout" use="optional"> | |
960 | <xs:simpleType> | |
961 | <xs:restriction base="xs:string"> | |
962 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
963 | </xs:restriction> | |
964 | </xs:simpleType> | |
965 | </xs:attribute> | |
966 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
967 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
968 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
969 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
970 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
971 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
972 | </xs:complexType> | |
973 | </xs:element> | |
974 | <xs:element name="machineSettings" vs:help="configuration/system.transactions/machineSettings"> | |
975 | <xs:complexType> | |
976 | <xs:attribute name="maxTimeout" use="optional"> | |
977 | <xs:simpleType> | |
978 | <xs:restriction base="xs:string"> | |
979 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
980 | </xs:restriction> | |
981 | </xs:simpleType> | |
982 | </xs:attribute> | |
983 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
984 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
985 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
986 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
987 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
988 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
989 | </xs:complexType> | |
990 | </xs:element> | |
991 | </xs:choice> | |
992 | </xs:complexType> | |
993 | </xs:element> | |
994 | <xs:element name="system.web" vs:help="configuration/system.web"> | |
995 | <xs:complexType> | |
996 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
997 | <xs:element name="anonymousIdentification" vs:help="configuration/system.web/anonymousIdentification"> | |
998 | <xs:complexType> | |
999 | <xs:attribute name="cookieless" use="optional"> | |
1000 | <xs:simpleType> | |
1001 | <xs:restriction base="xs:NMTOKEN"> | |
1002 | <xs:enumeration value="AutoDetect" /> | |
1003 | <xs:enumeration value="UseCookies" /> | |
1004 | <xs:enumeration value="UseDeviceProfile" /> | |
1005 | <xs:enumeration value="UseUri" /> | |
1006 | </xs:restriction> | |
1007 | </xs:simpleType> | |
1008 | </xs:attribute> | |
1009 | <xs:attribute name="cookieName" use="optional"> | |
1010 | <xs:simpleType> | |
1011 | <xs:restriction base="xs:string"> | |
1012 | <xs:minLength value="1" /> | |
1013 | </xs:restriction> | |
1014 | </xs:simpleType> | |
1015 | </xs:attribute> | |
1016 | <xs:attribute name="cookiePath" use="optional"> | |
1017 | <xs:simpleType> | |
1018 | <xs:restriction base="xs:string"> | |
1019 | <xs:minLength value="1" /> | |
1020 | </xs:restriction> | |
1021 | </xs:simpleType> | |
1022 | </xs:attribute> | |
1023 | <xs:attribute name="cookieProtection" use="optional"> | |
1024 | <xs:simpleType> | |
1025 | <xs:restriction base="xs:NMTOKEN"> | |
1026 | <xs:enumeration value="All" /> | |
1027 | <xs:enumeration value="Encryption" /> | |
1028 | <xs:enumeration value="None" /> | |
1029 | <xs:enumeration value="Validation" /> | |
1030 | </xs:restriction> | |
1031 | </xs:simpleType> | |
1032 | </xs:attribute> | |
1033 | <xs:attribute name="cookieRequireSSL" type="small_boolean_Type" use="optional" /> | |
1034 | <xs:attribute name="cookieSlidingExpiration" type="small_boolean_Type" use="optional" /> | |
1035 | <xs:attribute name="cookieTimeout" use="optional"> | |
1036 | <xs:simpleType> | |
1037 | <xs:restriction base="xs:string"> | |
1038 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1039 | </xs:restriction> | |
1040 | </xs:simpleType> | |
1041 | </xs:attribute> | |
1042 | <xs:attribute name="domain" type="xs:string" use="optional" /> | |
1043 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
1044 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1045 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1046 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1047 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1048 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1049 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1050 | </xs:complexType> | |
1051 | </xs:element> | |
1052 | <xs:element name="authentication" vs:help="configuration/system.web/authentication"> | |
1053 | <xs:complexType> | |
1054 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1055 | <xs:element name="forms" vs:help="configuration/system.web/authentication/forms"> | |
1056 | <xs:complexType> | |
1057 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1058 | <xs:element name="credentials" vs:help="configuration/system.web/authentication/forms/credentials"> | |
1059 | <xs:complexType> | |
1060 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1061 | <xs:element name="user" vs:help="configuration/system.web/authentication/forms/credentials/user"> | |
1062 | <xs:complexType> | |
1063 | <xs:attribute name="name" use="required"> | |
1064 | <xs:simpleType> | |
1065 | <xs:restriction base="xs:string"> | |
1066 | <xs:minLength value="0" /> | |
1067 | </xs:restriction> | |
1068 | </xs:simpleType> | |
1069 | </xs:attribute> | |
1070 | <xs:attribute name="password" use="required"> | |
1071 | <xs:simpleType> | |
1072 | <xs:restriction base="xs:string"> | |
1073 | <xs:minLength value="0" /> | |
1074 | </xs:restriction> | |
1075 | </xs:simpleType> | |
1076 | </xs:attribute> | |
1077 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1078 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1079 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1080 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1081 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1082 | </xs:complexType> | |
1083 | </xs:element> | |
1084 | </xs:choice> | |
1085 | <xs:attribute name="passwordFormat" use="optional"> | |
1086 | <xs:simpleType> | |
1087 | <xs:restriction base="xs:NMTOKEN"> | |
1088 | <xs:enumeration value="Clear" /> | |
1089 | <xs:enumeration value="MD5" /> | |
1090 | <xs:enumeration value="SHA1" /> | |
1091 | </xs:restriction> | |
1092 | </xs:simpleType> | |
1093 | </xs:attribute> | |
1094 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1095 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1096 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1097 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1098 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1099 | </xs:complexType> | |
1100 | </xs:element> | |
1101 | </xs:choice> | |
1102 | <xs:attribute name="cookieless" use="optional"> | |
1103 | <xs:simpleType> | |
1104 | <xs:restriction base="xs:NMTOKEN"> | |
1105 | <xs:enumeration value="AutoDetect" /> | |
1106 | <xs:enumeration value="UseCookies" /> | |
1107 | <xs:enumeration value="UseDeviceProfile" /> | |
1108 | <xs:enumeration value="UseUri" /> | |
1109 | </xs:restriction> | |
1110 | </xs:simpleType> | |
1111 | </xs:attribute> | |
1112 | <xs:attribute name="defaultUrl" use="optional"> | |
1113 | <xs:simpleType> | |
1114 | <xs:restriction base="xs:string"> | |
1115 | <xs:minLength value="1" /> | |
1116 | </xs:restriction> | |
1117 | </xs:simpleType> | |
1118 | </xs:attribute> | |
1119 | <xs:attribute name="domain" type="xs:string" use="optional" /> | |
1120 | <xs:attribute name="enableCrossAppRedirects" type="small_boolean_Type" use="optional" /> | |
1121 | <xs:attribute name="loginUrl" use="optional"> | |
1122 | <xs:simpleType> | |
1123 | <xs:restriction base="xs:string"> | |
1124 | <xs:minLength value="1" /> | |
1125 | </xs:restriction> | |
1126 | </xs:simpleType> | |
1127 | </xs:attribute> | |
1128 | <xs:attribute name="name" use="optional"> | |
1129 | <xs:simpleType> | |
1130 | <xs:restriction base="xs:string"> | |
1131 | <xs:minLength value="1" /> | |
1132 | </xs:restriction> | |
1133 | </xs:simpleType> | |
1134 | </xs:attribute> | |
1135 | <xs:attribute name="path" use="optional"> | |
1136 | <xs:simpleType> | |
1137 | <xs:restriction base="xs:string"> | |
1138 | <xs:minLength value="1" /> | |
1139 | </xs:restriction> | |
1140 | </xs:simpleType> | |
1141 | </xs:attribute> | |
1142 | <xs:attribute name="protection" use="optional"> | |
1143 | <xs:simpleType> | |
1144 | <xs:restriction base="xs:NMTOKEN"> | |
1145 | <xs:enumeration value="All" /> | |
1146 | <xs:enumeration value="Encryption" /> | |
1147 | <xs:enumeration value="None" /> | |
1148 | <xs:enumeration value="Validation" /> | |
1149 | </xs:restriction> | |
1150 | </xs:simpleType> | |
1151 | </xs:attribute> | |
1152 | <xs:attribute name="requireSSL" type="small_boolean_Type" use="optional" /> | |
1153 | <xs:attribute name="slidingExpiration" type="small_boolean_Type" use="optional" /> | |
1154 | <xs:attribute name="timeout" use="optional"> | |
1155 | <xs:simpleType> | |
1156 | <xs:restriction base="xs:string"> | |
1157 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1158 | </xs:restriction> | |
1159 | </xs:simpleType> | |
1160 | </xs:attribute> | |
1161 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1162 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1163 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1164 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1165 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1166 | </xs:complexType> | |
1167 | </xs:element> | |
1168 | <xs:element name="passport" vs:help="configuration/system.web/authentication/passport"> | |
1169 | <xs:complexType> | |
1170 | <xs:attribute name="redirectUrl" use="optional"> | |
1171 | <xs:simpleType> | |
1172 | <xs:restriction base="xs:string"> | |
1173 | <xs:minLength value="0" /> | |
1174 | </xs:restriction> | |
1175 | </xs:simpleType> | |
1176 | </xs:attribute> | |
1177 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1178 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1179 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1180 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1181 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1182 | </xs:complexType> | |
1183 | </xs:element> | |
1184 | </xs:choice> | |
1185 | <xs:attribute name="mode" use="optional"> | |
1186 | <xs:simpleType> | |
1187 | <xs:restriction base="xs:NMTOKEN"> | |
1188 | <xs:enumeration value="Forms" /> | |
1189 | <xs:enumeration value="None" /> | |
1190 | <xs:enumeration value="Passport" /> | |
1191 | <xs:enumeration value="Windows" /> | |
1192 | </xs:restriction> | |
1193 | </xs:simpleType> | |
1194 | </xs:attribute> | |
1195 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1196 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1197 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1198 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1199 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1200 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1201 | </xs:complexType> | |
1202 | </xs:element> | |
1203 | <xs:element name="authorization" vs:help="configuration/system.web/authorization"> | |
1204 | <xs:complexType> | |
1205 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1206 | <xs:element name="allow" vs:help="configuration/system.web/authorization/allow"> | |
1207 | <xs:complexType> | |
1208 | <xs:attribute name="roles" type="xs:string" use="optional" /> | |
1209 | <xs:attribute name="users" type="xs:string" use="optional" /> | |
1210 | <xs:attribute name="verbs" type="xs:string" use="optional" /> | |
1211 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1212 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1213 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1214 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1215 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1216 | </xs:complexType> | |
1217 | </xs:element> | |
1218 | <xs:element name="deny" vs:help="configuration/system.web/authorization/deny"> | |
1219 | <xs:complexType> | |
1220 | <xs:attribute name="roles" type="xs:string" use="optional" /> | |
1221 | <xs:attribute name="users" type="xs:string" use="optional" /> | |
1222 | <xs:attribute name="verbs" type="xs:string" use="optional" /> | |
1223 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1224 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1225 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1226 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1227 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1228 | </xs:complexType> | |
1229 | </xs:element> | |
1230 | </xs:choice> | |
1231 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1232 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1233 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1234 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1235 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1236 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1237 | </xs:complexType> | |
1238 | </xs:element> | |
1239 | <xs:element name="browserCaps" vs:help="configuration/system.web/browserCaps" /> | |
1240 | <xs:element name="clientTarget" vs:help="configuration/system.web/clientTarget"> | |
1241 | <xs:complexType> | |
1242 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1243 | <xs:element name="add" vs:help="configuration/system.web/clientTarget/add"> | |
1244 | <xs:complexType> | |
1245 | <xs:attribute name="alias" use="required"> | |
1246 | <xs:simpleType> | |
1247 | <xs:restriction base="xs:string"> | |
1248 | <xs:minLength value="1" /> | |
1249 | </xs:restriction> | |
1250 | </xs:simpleType> | |
1251 | </xs:attribute> | |
1252 | <xs:attribute name="userAgent" use="required"> | |
1253 | <xs:simpleType> | |
1254 | <xs:restriction base="xs:string"> | |
1255 | <xs:minLength value="1" /> | |
1256 | </xs:restriction> | |
1257 | </xs:simpleType> | |
1258 | </xs:attribute> | |
1259 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1260 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1261 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1262 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1263 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1264 | </xs:complexType> | |
1265 | </xs:element> | |
1266 | <xs:element name="remove" vs:help="configuration/system.web/clientTarget/remove"> | |
1267 | <xs:complexType> | |
1268 | <xs:attribute name="alias" use="required"> | |
1269 | <xs:simpleType> | |
1270 | <xs:restriction base="xs:string"> | |
1271 | <xs:minLength value="1" /> | |
1272 | </xs:restriction> | |
1273 | </xs:simpleType> | |
1274 | </xs:attribute> | |
1275 | </xs:complexType> | |
1276 | </xs:element> | |
1277 | <xs:element name="clear" vs:help="configuration/system.web/clientTarget/clear"> | |
1278 | <xs:complexType> | |
1279 | <!--tag is empty--> | |
1280 | </xs:complexType> | |
1281 | </xs:element> | |
1282 | </xs:choice> | |
1283 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1284 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1285 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1286 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1287 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1288 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1289 | </xs:complexType> | |
1290 | </xs:element> | |
1291 | <xs:element name="compilation" vs:help="configuration/system.web/compilation"> | |
1292 | <xs:complexType> | |
1293 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1294 | <xs:element name="assemblies" vs:help="configuration/system.web/compilation/assemblies"> | |
1295 | <xs:complexType> | |
1296 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1297 | <xs:element name="add" vs:help="configuration/system.web/compilation/assemblies/add"> | |
1298 | <xs:complexType> | |
1299 | <xs:attribute name="assembly" use="required"> | |
1300 | <xs:simpleType> | |
1301 | <xs:restriction base="xs:string"> | |
1302 | <xs:minLength value="1" /> | |
1303 | </xs:restriction> | |
1304 | </xs:simpleType> | |
1305 | </xs:attribute> | |
1306 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1307 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1308 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1309 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1310 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1311 | </xs:complexType> | |
1312 | </xs:element> | |
1313 | <xs:element name="remove" vs:help="configuration/system.web/compilation/assemblies/remove"> | |
1314 | <xs:complexType> | |
1315 | <xs:attribute name="assembly" use="required"> | |
1316 | <xs:simpleType> | |
1317 | <xs:restriction base="xs:string"> | |
1318 | <xs:minLength value="1" /> | |
1319 | </xs:restriction> | |
1320 | </xs:simpleType> | |
1321 | </xs:attribute> | |
1322 | </xs:complexType> | |
1323 | </xs:element> | |
1324 | <xs:element name="clear" vs:help="configuration/system.web/compilation/assemblies/clear"> | |
1325 | <xs:complexType> | |
1326 | <!--tag is empty--> | |
1327 | </xs:complexType> | |
1328 | </xs:element> | |
1329 | </xs:choice> | |
1330 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1331 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1332 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1333 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1334 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1335 | </xs:complexType> | |
1336 | </xs:element> | |
1337 | <xs:element name="buildProviders" vs:help="configuration/system.web/compilation/buildProviders"> | |
1338 | <xs:complexType> | |
1339 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1340 | <xs:element name="add" vs:help="configuration/system.web/compilation/buildProviders/add"> | |
1341 | <xs:complexType> | |
1342 | <xs:attribute name="extension" use="required"> | |
1343 | <xs:simpleType> | |
1344 | <xs:restriction base="xs:string"> | |
1345 | <xs:minLength value="1" /> | |
1346 | </xs:restriction> | |
1347 | </xs:simpleType> | |
1348 | </xs:attribute> | |
1349 | <xs:attribute name="type" use="required"> | |
1350 | <xs:simpleType> | |
1351 | <xs:restriction base="xs:string"> | |
1352 | <xs:minLength value="1" /> | |
1353 | </xs:restriction> | |
1354 | </xs:simpleType> | |
1355 | </xs:attribute> | |
1356 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1357 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1358 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1359 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1360 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1361 | </xs:complexType> | |
1362 | </xs:element> | |
1363 | <xs:element name="remove" vs:help="configuration/system.web/compilation/buildProviders/remove"> | |
1364 | <xs:complexType> | |
1365 | <xs:attribute name="extension" use="required"> | |
1366 | <xs:simpleType> | |
1367 | <xs:restriction base="xs:string"> | |
1368 | <xs:minLength value="1" /> | |
1369 | </xs:restriction> | |
1370 | </xs:simpleType> | |
1371 | </xs:attribute> | |
1372 | </xs:complexType> | |
1373 | </xs:element> | |
1374 | <xs:element name="clear" vs:help="configuration/system.web/compilation/buildProviders/clear"> | |
1375 | <xs:complexType> | |
1376 | <!--tag is empty--> | |
1377 | </xs:complexType> | |
1378 | </xs:element> | |
1379 | </xs:choice> | |
1380 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1381 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1382 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1383 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1384 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1385 | </xs:complexType> | |
1386 | </xs:element> | |
1387 | <xs:element name="codeSubDirectories" vs:help="configuration/system.web/compilation/codeSubDirectories"> | |
1388 | <xs:complexType> | |
1389 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1390 | <xs:element name="add" vs:help="configuration/system.web/compilation/codeSubDirectories/add"> | |
1391 | <xs:complexType> | |
1392 | <xs:attribute name="directoryName" use="required"> | |
1393 | <xs:simpleType> | |
1394 | <xs:restriction base="xs:string"> | |
1395 | <xs:whiteSpace value="collapse" /> | |
1396 | </xs:restriction> | |
1397 | </xs:simpleType> | |
1398 | </xs:attribute> | |
1399 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1400 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1401 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1402 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1403 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1404 | </xs:complexType> | |
1405 | </xs:element> | |
1406 | </xs:choice> | |
1407 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1408 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1409 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1410 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1411 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1412 | </xs:complexType> | |
1413 | </xs:element> | |
1414 | <xs:element name="expressionBuilders" vs:help="configuration/system.web/compilation/expressionBuilders"> | |
1415 | <xs:complexType> | |
1416 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1417 | <xs:element name="add" vs:help="configuration/system.web/compilation/expressionBuilders/add"> | |
1418 | <xs:complexType> | |
1419 | <xs:attribute name="expressionPrefix" use="required"> | |
1420 | <xs:simpleType> | |
1421 | <xs:restriction base="xs:string"> | |
1422 | <xs:minLength value="1" /> | |
1423 | </xs:restriction> | |
1424 | </xs:simpleType> | |
1425 | </xs:attribute> | |
1426 | <xs:attribute name="type" use="required"> | |
1427 | <xs:simpleType> | |
1428 | <xs:restriction base="xs:string"> | |
1429 | <xs:minLength value="1" /> | |
1430 | </xs:restriction> | |
1431 | </xs:simpleType> | |
1432 | </xs:attribute> | |
1433 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1434 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1435 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1436 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1437 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1438 | </xs:complexType> | |
1439 | </xs:element> | |
1440 | <xs:element name="remove" vs:help="configuration/system.web/compilation/expressionBuilders/remove"> | |
1441 | <xs:complexType> | |
1442 | <xs:attribute name="expressionPrefix" use="required"> | |
1443 | <xs:simpleType> | |
1444 | <xs:restriction base="xs:string"> | |
1445 | <xs:minLength value="1" /> | |
1446 | </xs:restriction> | |
1447 | </xs:simpleType> | |
1448 | </xs:attribute> | |
1449 | </xs:complexType> | |
1450 | </xs:element> | |
1451 | <xs:element name="clear" vs:help="configuration/system.web/compilation/expressionBuilders/clear"> | |
1452 | <xs:complexType> | |
1453 | <!--tag is empty--> | |
1454 | </xs:complexType> | |
1455 | </xs:element> | |
1456 | </xs:choice> | |
1457 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1458 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1459 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1460 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1461 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1462 | </xs:complexType> | |
1463 | </xs:element> | |
1464 | </xs:choice> | |
1465 | <xs:attribute name="assemblyPostProcessorType" type="xs:string" use="optional" /> | |
1466 | <xs:attribute name="batch" type="small_boolean_Type" use="optional" /> | |
1467 | <xs:attribute name="batchTimeout" use="optional"> | |
1468 | <xs:simpleType> | |
1469 | <xs:restriction base="xs:string"> | |
1470 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1471 | </xs:restriction> | |
1472 | </xs:simpleType> | |
1473 | </xs:attribute> | |
1474 | <xs:attribute name="debug" type="small_boolean_Type" use="optional" /> | |
1475 | <xs:attribute name="defaultLanguage" type="xs:string" use="optional" /> | |
1476 | <xs:attribute name="explicit" type="small_boolean_Type" use="optional" /> | |
1477 | <xs:attribute name="maxBatchGeneratedFileSize" type="xs:int" use="optional" /> | |
1478 | <xs:attribute name="maxBatchSize" type="xs:int" use="optional" /> | |
1479 | <xs:attribute name="numRecompilesBeforeAppRestart" type="xs:int" use="optional" /> | |
1480 | <xs:attribute name="strict" type="small_boolean_Type" use="optional" /> | |
1481 | <xs:attribute name="tempDirectory" type="xs:string" use="optional" /> | |
1482 | <xs:attribute name="urlLinePragmas" type="small_boolean_Type" use="optional" /> | |
1483 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1484 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1485 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1486 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1487 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1488 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1489 | </xs:complexType> | |
1490 | </xs:element> | |
1491 | <xs:element name="customErrors" vs:help="configuration/system.web/customErrors"> | |
1492 | <xs:complexType> | |
1493 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1494 | <xs:element name="error" vs:help="configuration/system.web/customErrors/error"> | |
1495 | <xs:complexType> | |
1496 | <xs:attribute name="redirect" use="required"> | |
1497 | <xs:simpleType> | |
1498 | <xs:restriction base="xs:string"> | |
1499 | <xs:minLength value="1" /> | |
1500 | </xs:restriction> | |
1501 | </xs:simpleType> | |
1502 | </xs:attribute> | |
1503 | <xs:attribute name="statusCode" use="required"> | |
1504 | <xs:simpleType> | |
1505 | <xs:restriction base="xs:int"> | |
1506 | <xs:minInclusive value="100" /> | |
1507 | <xs:maxInclusive value="999" /> | |
1508 | </xs:restriction> | |
1509 | </xs:simpleType> | |
1510 | </xs:attribute> | |
1511 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1512 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1513 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1514 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1515 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1516 | </xs:complexType> | |
1517 | </xs:element> | |
1518 | </xs:choice> | |
1519 | <xs:attribute name="defaultRedirect" type="xs:string" use="optional" /> | |
1520 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1521 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1522 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1523 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1524 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1525 | <xs:attribute name="mode" use="optional"> | |
1526 | <xs:simpleType> | |
1527 | <xs:restriction base="xs:NMTOKEN"> | |
1528 | <xs:enumeration value="Off" /> | |
1529 | <xs:enumeration value="On" /> | |
1530 | <xs:enumeration value="RemoteOnly" /> | |
1531 | </xs:restriction> | |
1532 | </xs:simpleType> | |
1533 | </xs:attribute> | |
1534 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1535 | </xs:complexType> | |
1536 | </xs:element> | |
1537 | <xs:element name="deployment" vs:help="configuration/system.web/deployment"> | |
1538 | <xs:complexType> | |
1539 | <xs:attribute name="retail" type="small_boolean_Type" use="optional" /> | |
1540 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1541 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1542 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1543 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1544 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1545 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1546 | </xs:complexType> | |
1547 | </xs:element> | |
1548 | <xs:element name="deviceFilters" vs:help="configuration/system.web/deviceFilters"> | |
1549 | <xs:complexType> | |
1550 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1551 | <xs:element name="filter" vs:help="configuration/system.web/deviceFilters/filter"> | |
1552 | <xs:complexType> | |
1553 | <xs:attribute name="argument" use="optional"> | |
1554 | <xs:simpleType> | |
1555 | <xs:restriction base="xs:string"> | |
1556 | <xs:minLength value="1" /> | |
1557 | </xs:restriction> | |
1558 | </xs:simpleType> | |
1559 | </xs:attribute> | |
1560 | <xs:attribute name="compare" use="optional"> | |
1561 | <xs:simpleType> | |
1562 | <xs:restriction base="xs:string"> | |
1563 | <xs:minLength value="1" /> | |
1564 | </xs:restriction> | |
1565 | </xs:simpleType> | |
1566 | </xs:attribute> | |
1567 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
1568 | <xs:attribute name="method" use="optional"> | |
1569 | <xs:simpleType> | |
1570 | <xs:restriction base="xs:string"> | |
1571 | <xs:minLength value="1" /> | |
1572 | </xs:restriction> | |
1573 | </xs:simpleType> | |
1574 | </xs:attribute> | |
1575 | <xs:attribute name="name" use="required"> | |
1576 | <xs:simpleType> | |
1577 | <xs:restriction base="xs:string"> | |
1578 | <xs:minLength value="1" /> | |
1579 | </xs:restriction> | |
1580 | </xs:simpleType> | |
1581 | </xs:attribute> | |
1582 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1583 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1584 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1585 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1586 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1587 | </xs:complexType> | |
1588 | </xs:element> | |
1589 | </xs:choice> | |
1590 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1591 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1592 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1593 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1594 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1595 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1596 | </xs:complexType> | |
1597 | </xs:element> | |
1598 | <xs:element name="globalization" vs:help="configuration/system.web/globalization"> | |
1599 | <xs:complexType> | |
1600 | <xs:attribute name="culture" type="xs:string" use="optional" /> | |
1601 | <xs:attribute name="enableBestFitResponseEncoding" type="small_boolean_Type" use="optional" /> | |
1602 | <xs:attribute name="enableClientBasedCulture" type="small_boolean_Type" use="optional" /> | |
1603 | <xs:attribute name="fileEncoding" type="xs:string" use="optional" /> | |
1604 | <xs:attribute name="requestEncoding" type="xs:string" use="optional" /> | |
1605 | <xs:attribute name="resourceProviderFactoryType" type="xs:string" use="optional" /> | |
1606 | <xs:attribute name="responseEncoding" type="xs:string" use="optional" /> | |
1607 | <xs:attribute name="responseHeaderEncoding" type="xs:string" use="optional" /> | |
1608 | <xs:attribute name="uiCulture" type="xs:string" use="optional" /> | |
1609 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1610 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1611 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1612 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1613 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1614 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1615 | </xs:complexType> | |
1616 | </xs:element> | |
1617 | <xs:element name="healthMonitoring" vs:help="configuration/system.web/healthMonitoring"> | |
1618 | <xs:complexType> | |
1619 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1620 | <xs:element name="bufferModes" vs:help="configuration/system.web/healthMonitoring/bufferModes"> | |
1621 | <xs:complexType> | |
1622 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1623 | <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/bufferModes/add"> | |
1624 | <xs:complexType> | |
1625 | <xs:attribute name="maxBufferSize" use="required"> | |
1626 | <xs:simpleType> | |
1627 | <xs:union memberTypes="xs:int Infinite"> | |
1628 | <xs:simpleType> | |
1629 | <xs:restriction base="xs:int"> | |
1630 | <xs:minInclusive value="1" /> | |
1631 | </xs:restriction> | |
1632 | </xs:simpleType> | |
1633 | </xs:union> | |
1634 | </xs:simpleType> | |
1635 | </xs:attribute> | |
1636 | <xs:attribute name="maxBufferThreads" use="optional"> | |
1637 | <xs:simpleType> | |
1638 | <xs:union memberTypes="xs:int Infinite"> | |
1639 | <xs:simpleType> | |
1640 | <xs:restriction base="xs:int"> | |
1641 | <xs:minInclusive value="1" /> | |
1642 | </xs:restriction> | |
1643 | </xs:simpleType> | |
1644 | </xs:union> | |
1645 | </xs:simpleType> | |
1646 | </xs:attribute> | |
1647 | <xs:attribute name="maxFlushSize" use="required"> | |
1648 | <xs:simpleType> | |
1649 | <xs:union memberTypes="xs:int Infinite"> | |
1650 | <xs:simpleType> | |
1651 | <xs:restriction base="xs:int"> | |
1652 | <xs:minInclusive value="1" /> | |
1653 | </xs:restriction> | |
1654 | </xs:simpleType> | |
1655 | </xs:union> | |
1656 | </xs:simpleType> | |
1657 | </xs:attribute> | |
1658 | <xs:attribute name="name" use="required"> | |
1659 | <xs:simpleType> | |
1660 | <xs:restriction base="xs:string"> | |
1661 | <xs:minLength value="1" /> | |
1662 | </xs:restriction> | |
1663 | </xs:simpleType> | |
1664 | </xs:attribute> | |
1665 | <xs:attribute name="regularFlushInterval" use="required"> | |
1666 | <xs:simpleType> | |
1667 | <xs:restriction base="xs:string"> | |
1668 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1669 | </xs:restriction> | |
1670 | </xs:simpleType> | |
1671 | </xs:attribute> | |
1672 | <xs:attribute name="urgentFlushInterval" type="xs:string" use="required" /> | |
1673 | <xs:attribute name="urgentFlushThreshold" use="required"> | |
1674 | <xs:simpleType> | |
1675 | <xs:union memberTypes="xs:int Infinite"> | |
1676 | <xs:simpleType> | |
1677 | <xs:restriction base="xs:int"> | |
1678 | <xs:minInclusive value="1" /> | |
1679 | </xs:restriction> | |
1680 | </xs:simpleType> | |
1681 | </xs:union> | |
1682 | </xs:simpleType> | |
1683 | </xs:attribute> | |
1684 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1685 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1686 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1687 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1688 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1689 | </xs:complexType> | |
1690 | </xs:element> | |
1691 | <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/bufferModes/remove"> | |
1692 | <xs:complexType> | |
1693 | <xs:attribute name="name" use="required"> | |
1694 | <xs:simpleType> | |
1695 | <xs:restriction base="xs:string"> | |
1696 | <xs:minLength value="1" /> | |
1697 | </xs:restriction> | |
1698 | </xs:simpleType> | |
1699 | </xs:attribute> | |
1700 | </xs:complexType> | |
1701 | </xs:element> | |
1702 | <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/bufferModes/clear"> | |
1703 | <xs:complexType> | |
1704 | <!--tag is empty--> | |
1705 | </xs:complexType> | |
1706 | </xs:element> | |
1707 | </xs:choice> | |
1708 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1709 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1710 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1711 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1712 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1713 | </xs:complexType> | |
1714 | </xs:element> | |
1715 | <xs:element name="eventMappings" vs:help="configuration/system.web/healthMonitoring/eventMappings"> | |
1716 | <xs:complexType> | |
1717 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1718 | <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/eventMappings/add"> | |
1719 | <xs:complexType> | |
1720 | <xs:attribute name="endEventCode" use="optional"> | |
1721 | <xs:simpleType> | |
1722 | <xs:restriction base="xs:int"> | |
1723 | <xs:minInclusive value="0" /> | |
1724 | </xs:restriction> | |
1725 | </xs:simpleType> | |
1726 | </xs:attribute> | |
1727 | <xs:attribute name="name" type="xs:string" use="required" /> | |
1728 | <xs:attribute name="startEventCode" use="optional"> | |
1729 | <xs:simpleType> | |
1730 | <xs:restriction base="xs:int"> | |
1731 | <xs:minInclusive value="0" /> | |
1732 | </xs:restriction> | |
1733 | </xs:simpleType> | |
1734 | </xs:attribute> | |
1735 | <xs:attribute name="type" type="xs:string" use="required" /> | |
1736 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1737 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1738 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1739 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1740 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1741 | </xs:complexType> | |
1742 | </xs:element> | |
1743 | <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/eventMappings/remove"> | |
1744 | <xs:complexType> | |
1745 | <xs:attribute name="name" type="xs:string" use="required" /> | |
1746 | </xs:complexType> | |
1747 | </xs:element> | |
1748 | <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/eventMappings/clear"> | |
1749 | <xs:complexType> | |
1750 | <!--tag is empty--> | |
1751 | </xs:complexType> | |
1752 | </xs:element> | |
1753 | </xs:choice> | |
1754 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1755 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1756 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1757 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1758 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1759 | </xs:complexType> | |
1760 | </xs:element> | |
1761 | <xs:element name="profiles" vs:help="configuration/system.web/healthMonitoring/profiles"> | |
1762 | <xs:complexType> | |
1763 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1764 | <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/profiles/add"> | |
1765 | <xs:complexType> | |
1766 | <xs:attribute name="custom" type="xs:string" use="optional" /> | |
1767 | <xs:attribute name="maxLimit" use="optional"> | |
1768 | <xs:simpleType> | |
1769 | <xs:union memberTypes="xs:int Infinite"> | |
1770 | <xs:simpleType> | |
1771 | <xs:restriction base="xs:int"> | |
1772 | <xs:minInclusive value="0" /> | |
1773 | </xs:restriction> | |
1774 | </xs:simpleType> | |
1775 | </xs:union> | |
1776 | </xs:simpleType> | |
1777 | </xs:attribute> | |
1778 | <xs:attribute name="minInstances" use="optional"> | |
1779 | <xs:simpleType> | |
1780 | <xs:restriction base="xs:int"> | |
1781 | <xs:minInclusive value="1" /> | |
1782 | </xs:restriction> | |
1783 | </xs:simpleType> | |
1784 | </xs:attribute> | |
1785 | <xs:attribute name="minInterval" type="xs:string" use="optional" /> | |
1786 | <xs:attribute name="name" use="required"> | |
1787 | <xs:simpleType> | |
1788 | <xs:restriction base="xs:string"> | |
1789 | <xs:minLength value="1" /> | |
1790 | </xs:restriction> | |
1791 | </xs:simpleType> | |
1792 | </xs:attribute> | |
1793 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1794 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1795 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1796 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1797 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1798 | </xs:complexType> | |
1799 | </xs:element> | |
1800 | <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/profiles/remove"> | |
1801 | <xs:complexType> | |
1802 | <xs:attribute name="name" use="required"> | |
1803 | <xs:simpleType> | |
1804 | <xs:restriction base="xs:string"> | |
1805 | <xs:minLength value="1" /> | |
1806 | </xs:restriction> | |
1807 | </xs:simpleType> | |
1808 | </xs:attribute> | |
1809 | </xs:complexType> | |
1810 | </xs:element> | |
1811 | <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/profiles/clear"> | |
1812 | <xs:complexType> | |
1813 | <!--tag is empty--> | |
1814 | </xs:complexType> | |
1815 | </xs:element> | |
1816 | </xs:choice> | |
1817 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1818 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1819 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1820 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1821 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1822 | </xs:complexType> | |
1823 | </xs:element> | |
1824 | <xs:element name="providers" vs:help="configuration/system.web/healthMonitoring/providers"> | |
1825 | <xs:complexType> | |
1826 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1827 | <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/providers/add"> | |
1828 | <xs:complexType> | |
1829 | <xs:attribute name="name" type="xs:string" use="required" /> | |
1830 | <xs:attribute name="type" type="xs:string" use="required" /> | |
1831 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1832 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1833 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1834 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1835 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1836 | <xs:anyAttribute processContents="skip" /> | |
1837 | </xs:complexType> | |
1838 | </xs:element> | |
1839 | <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/providers/remove"> | |
1840 | <xs:complexType> | |
1841 | <xs:attribute name="name" type="xs:string" use="required" /> | |
1842 | </xs:complexType> | |
1843 | </xs:element> | |
1844 | <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/providers/clear"> | |
1845 | <xs:complexType> | |
1846 | <!--tag is empty--> | |
1847 | </xs:complexType> | |
1848 | </xs:element> | |
1849 | </xs:choice> | |
1850 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1851 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1852 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1853 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1854 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1855 | </xs:complexType> | |
1856 | </xs:element> | |
1857 | <xs:element name="rules" vs:help="configuration/system.web/healthMonitoring/rules"> | |
1858 | <xs:complexType> | |
1859 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1860 | <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/rules/add"> | |
1861 | <xs:complexType> | |
1862 | <xs:attribute name="custom" type="xs:string" use="optional" /> | |
1863 | <xs:attribute name="eventName" type="xs:string" use="required" /> | |
1864 | <xs:attribute name="maxLimit" use="optional"> | |
1865 | <xs:simpleType> | |
1866 | <xs:union memberTypes="xs:int Infinite"> | |
1867 | <xs:simpleType> | |
1868 | <xs:restriction base="xs:int"> | |
1869 | <xs:minInclusive value="0" /> | |
1870 | </xs:restriction> | |
1871 | </xs:simpleType> | |
1872 | </xs:union> | |
1873 | </xs:simpleType> | |
1874 | </xs:attribute> | |
1875 | <xs:attribute name="minInstances" use="optional"> | |
1876 | <xs:simpleType> | |
1877 | <xs:restriction base="xs:int"> | |
1878 | <xs:minInclusive value="1" /> | |
1879 | </xs:restriction> | |
1880 | </xs:simpleType> | |
1881 | </xs:attribute> | |
1882 | <xs:attribute name="minInterval" type="xs:string" use="optional" /> | |
1883 | <xs:attribute name="name" use="required"> | |
1884 | <xs:simpleType> | |
1885 | <xs:restriction base="xs:string"> | |
1886 | <xs:minLength value="1" /> | |
1887 | </xs:restriction> | |
1888 | </xs:simpleType> | |
1889 | </xs:attribute> | |
1890 | <xs:attribute name="profile" type="xs:string" use="optional" /> | |
1891 | <xs:attribute name="provider" type="xs:string" use="optional" /> | |
1892 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1893 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1894 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1895 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1896 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1897 | </xs:complexType> | |
1898 | </xs:element> | |
1899 | <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/rules/remove"> | |
1900 | <xs:complexType> | |
1901 | <xs:attribute name="name" use="required"> | |
1902 | <xs:simpleType> | |
1903 | <xs:restriction base="xs:string"> | |
1904 | <xs:minLength value="1" /> | |
1905 | </xs:restriction> | |
1906 | </xs:simpleType> | |
1907 | </xs:attribute> | |
1908 | </xs:complexType> | |
1909 | </xs:element> | |
1910 | <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/rules/clear"> | |
1911 | <xs:complexType> | |
1912 | <!--tag is empty--> | |
1913 | </xs:complexType> | |
1914 | </xs:element> | |
1915 | </xs:choice> | |
1916 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1917 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1918 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1919 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1920 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1921 | </xs:complexType> | |
1922 | </xs:element> | |
1923 | </xs:choice> | |
1924 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
1925 | <xs:attribute name="heartbeatInterval" use="optional"> | |
1926 | <xs:simpleType> | |
1927 | <xs:restriction base="xs:string"> | |
1928 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1929 | </xs:restriction> | |
1930 | </xs:simpleType> | |
1931 | </xs:attribute> | |
1932 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1933 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1934 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1935 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1936 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1937 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1938 | </xs:complexType> | |
1939 | </xs:element> | |
1940 | <xs:element name="hostingEnvironment" vs:help="configuration/system.web/hostingEnvironment"> | |
1941 | <xs:complexType> | |
1942 | <xs:attribute name="idleTimeout" use="optional"> | |
1943 | <xs:simpleType> | |
1944 | <xs:restriction base="xs:string"> | |
1945 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1946 | </xs:restriction> | |
1947 | </xs:simpleType> | |
1948 | </xs:attribute> | |
1949 | <xs:attribute name="shadowCopyBinAssemblies" type="small_boolean_Type" use="optional" /> | |
1950 | <xs:attribute name="shutdownTimeout" use="optional"> | |
1951 | <xs:simpleType> | |
1952 | <xs:restriction base="xs:string"> | |
1953 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
1954 | </xs:restriction> | |
1955 | </xs:simpleType> | |
1956 | </xs:attribute> | |
1957 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1958 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1959 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1960 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1961 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1962 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1963 | </xs:complexType> | |
1964 | </xs:element> | |
1965 | <xs:element name="httpCookies" vs:help="configuration/system.web/httpCookies"> | |
1966 | <xs:complexType> | |
1967 | <xs:attribute name="domain" type="xs:string" use="optional" /> | |
1968 | <xs:attribute name="httpOnlyCookies" type="small_boolean_Type" use="optional" /> | |
1969 | <xs:attribute name="requireSSL" type="small_boolean_Type" use="optional" /> | |
1970 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1971 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1972 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1973 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1974 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1975 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
1976 | </xs:complexType> | |
1977 | </xs:element> | |
1978 | <xs:element name="httpHandlers" vs:help="configuration/system.web/httpHandlers"> | |
1979 | <xs:complexType> | |
1980 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
1981 | <xs:element name="add" vs:help="configuration/system.web/httpHandlers/add"> | |
1982 | <xs:complexType> | |
1983 | <xs:attribute name="path" type="xs:string" use="required" /> | |
1984 | <xs:attribute name="type" type="xs:string" use="required" /> | |
1985 | <xs:attribute name="validate" type="small_boolean_Type" use="optional" /> | |
1986 | <xs:attribute name="verb" type="xs:string" use="required" /> | |
1987 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
1988 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
1989 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
1990 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
1991 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
1992 | </xs:complexType> | |
1993 | </xs:element> | |
1994 | <xs:element name="remove" vs:help="configuration/system.web/httpHandlers/remove"> | |
1995 | <xs:complexType> | |
1996 | <xs:attribute name="path" type="xs:string" use="required" /> | |
1997 | <xs:attribute name="verb" type="xs:string" use="required" /> | |
1998 | </xs:complexType> | |
1999 | </xs:element> | |
2000 | <xs:element name="clear" vs:help="configuration/system.web/httpHandlers/clear"> | |
2001 | <xs:complexType> | |
2002 | <!--tag is empty--> | |
2003 | </xs:complexType> | |
2004 | </xs:element> | |
2005 | </xs:choice> | |
2006 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2007 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2008 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2009 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2010 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2011 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2012 | </xs:complexType> | |
2013 | </xs:element> | |
2014 | <xs:element name="httpModules" vs:help="configuration/system.web/httpModules"> | |
2015 | <xs:complexType> | |
2016 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2017 | <xs:element name="add" vs:help="configuration/system.web/httpModules/add"> | |
2018 | <xs:complexType> | |
2019 | <xs:attribute name="name" use="required"> | |
2020 | <xs:simpleType> | |
2021 | <xs:restriction base="xs:string"> | |
2022 | <xs:minLength value="1" /> | |
2023 | </xs:restriction> | |
2024 | </xs:simpleType> | |
2025 | </xs:attribute> | |
2026 | <xs:attribute name="type" type="xs:string" use="required" /> | |
2027 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2028 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2029 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2030 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2031 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2032 | </xs:complexType> | |
2033 | </xs:element> | |
2034 | <xs:element name="remove" vs:help="configuration/system.web/httpModules/remove"> | |
2035 | <xs:complexType> | |
2036 | <xs:attribute name="name" use="required"> | |
2037 | <xs:simpleType> | |
2038 | <xs:restriction base="xs:string"> | |
2039 | <xs:minLength value="1" /> | |
2040 | </xs:restriction> | |
2041 | </xs:simpleType> | |
2042 | </xs:attribute> | |
2043 | </xs:complexType> | |
2044 | </xs:element> | |
2045 | <xs:element name="clear" vs:help="configuration/system.web/httpModules/clear"> | |
2046 | <xs:complexType> | |
2047 | <!--tag is empty--> | |
2048 | </xs:complexType> | |
2049 | </xs:element> | |
2050 | </xs:choice> | |
2051 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2052 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2053 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2054 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2055 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2056 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2057 | </xs:complexType> | |
2058 | </xs:element> | |
2059 | <xs:element name="httpRuntime" vs:help="configuration/system.web/httpRuntime"> | |
2060 | <xs:complexType> | |
2061 | <xs:attribute name="apartmentThreading" type="small_boolean_Type" use="optional" /> | |
2062 | <xs:attribute name="appRequestQueueLimit" use="optional"> | |
2063 | <xs:simpleType> | |
2064 | <xs:restriction base="xs:int"> | |
2065 | <xs:minInclusive value="1" /> | |
2066 | </xs:restriction> | |
2067 | </xs:simpleType> | |
2068 | </xs:attribute> | |
2069 | <xs:attribute name="delayNotificationTimeout" type="xs:string" use="optional" /> | |
2070 | <xs:attribute name="enable" type="small_boolean_Type" use="optional" /> | |
2071 | <xs:attribute name="enableHeaderChecking" type="small_boolean_Type" use="optional" /> | |
2072 | <xs:attribute name="enableKernelOutputCache" type="small_boolean_Type" use="optional" /> | |
2073 | <xs:attribute name="enableVersionHeader" type="small_boolean_Type" use="optional" /> | |
2074 | <xs:attribute name="executionTimeout" use="optional"> | |
2075 | <xs:simpleType> | |
2076 | <xs:restriction base="xs:string"> | |
2077 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
2078 | </xs:restriction> | |
2079 | </xs:simpleType> | |
2080 | </xs:attribute> | |
2081 | <xs:attribute name="maxRequestLength" use="optional"> | |
2082 | <xs:simpleType> | |
2083 | <xs:restriction base="xs:int"> | |
2084 | <xs:minInclusive value="0" /> | |
2085 | </xs:restriction> | |
2086 | </xs:simpleType> | |
2087 | </xs:attribute> | |
2088 | <xs:attribute name="maxWaitChangeNotification" use="optional"> | |
2089 | <xs:simpleType> | |
2090 | <xs:restriction base="xs:int"> | |
2091 | <xs:minInclusive value="0" /> | |
2092 | </xs:restriction> | |
2093 | </xs:simpleType> | |
2094 | </xs:attribute> | |
2095 | <xs:attribute name="minFreeThreads" use="optional"> | |
2096 | <xs:simpleType> | |
2097 | <xs:restriction base="xs:int"> | |
2098 | <xs:minInclusive value="0" /> | |
2099 | </xs:restriction> | |
2100 | </xs:simpleType> | |
2101 | </xs:attribute> | |
2102 | <xs:attribute name="minLocalRequestFreeThreads" use="optional"> | |
2103 | <xs:simpleType> | |
2104 | <xs:restriction base="xs:int"> | |
2105 | <xs:minInclusive value="0" /> | |
2106 | </xs:restriction> | |
2107 | </xs:simpleType> | |
2108 | </xs:attribute> | |
2109 | <xs:attribute name="requestLengthDiskThreshold" use="optional"> | |
2110 | <xs:simpleType> | |
2111 | <xs:restriction base="xs:int"> | |
2112 | <xs:minInclusive value="1" /> | |
2113 | </xs:restriction> | |
2114 | </xs:simpleType> | |
2115 | </xs:attribute> | |
2116 | <xs:attribute name="requireRootedSaveAsPath" type="small_boolean_Type" use="optional" /> | |
2117 | <xs:attribute name="sendCacheControlHeader" type="small_boolean_Type" use="optional" /> | |
2118 | <xs:attribute name="shutdownTimeout" type="xs:string" use="optional" /> | |
2119 | <xs:attribute name="useFullyQualifiedRedirectUrl" type="small_boolean_Type" use="optional" /> | |
2120 | <xs:attribute name="waitChangeNotification" use="optional"> | |
2121 | <xs:simpleType> | |
2122 | <xs:restriction base="xs:int"> | |
2123 | <xs:minInclusive value="0" /> | |
2124 | </xs:restriction> | |
2125 | </xs:simpleType> | |
2126 | </xs:attribute> | |
2127 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2128 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2129 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2130 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2131 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2132 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2133 | </xs:complexType> | |
2134 | </xs:element> | |
2135 | <xs:element name="identity" vs:help="configuration/system.web/identity"> | |
2136 | <xs:complexType> | |
2137 | <xs:attribute name="impersonate" type="small_boolean_Type" use="optional" /> | |
2138 | <xs:attribute name="password" type="xs:string" use="optional" /> | |
2139 | <xs:attribute name="userName" type="xs:string" use="optional" /> | |
2140 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2141 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2142 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2143 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2144 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2145 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2146 | </xs:complexType> | |
2147 | </xs:element> | |
2148 | <xs:element name="machineKey" vs:help="configuration/system.web/machineKey"> | |
2149 | <xs:complexType> | |
2150 | <xs:attribute name="decryption" use="optional"> | |
2151 | <xs:simpleType> | |
2152 | <xs:restriction base="xs:string"> | |
2153 | <xs:minLength value="1" /> | |
2154 | <xs:whiteSpace value="collapse" /> | |
2155 | </xs:restriction> | |
2156 | </xs:simpleType> | |
2157 | </xs:attribute> | |
2158 | <xs:attribute name="decryptionKey" use="optional"> | |
2159 | <xs:simpleType> | |
2160 | <xs:restriction base="xs:string"> | |
2161 | <xs:minLength value="1" /> | |
2162 | <xs:whiteSpace value="collapse" /> | |
2163 | </xs:restriction> | |
2164 | </xs:simpleType> | |
2165 | </xs:attribute> | |
2166 | <xs:attribute name="validation" use="optional"> | |
2167 | <xs:simpleType> | |
2168 | <xs:restriction base="xs:NMTOKEN"> | |
2169 | <xs:enumeration value="AES" /> | |
2170 | <xs:enumeration value="MD5" /> | |
2171 | <xs:enumeration value="SHA1" /> | |
2172 | <xs:enumeration value="3DES" /> | |
2173 | </xs:restriction> | |
2174 | </xs:simpleType> | |
2175 | </xs:attribute> | |
2176 | <xs:attribute name="validationKey" use="optional"> | |
2177 | <xs:simpleType> | |
2178 | <xs:restriction base="xs:string"> | |
2179 | <xs:minLength value="1" /> | |
2180 | <xs:whiteSpace value="collapse" /> | |
2181 | </xs:restriction> | |
2182 | </xs:simpleType> | |
2183 | </xs:attribute> | |
2184 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2185 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2186 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2187 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2188 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2189 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2190 | </xs:complexType> | |
2191 | </xs:element> | |
2192 | <xs:element name="membership" vs:help="configuration/system.web/membership"> | |
2193 | <xs:complexType> | |
2194 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2195 | <xs:element name="providers" vs:help="configuration/system.web/membership/providers"> | |
2196 | <xs:complexType> | |
2197 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2198 | <xs:element name="add" vs:help="configuration/system.web/membership/providers/add"> | |
2199 | <xs:complexType> | |
2200 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2201 | <xs:attribute name="type" type="xs:string" use="required" /> | |
2202 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2203 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2204 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2205 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2206 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2207 | <xs:anyAttribute processContents="skip" /> | |
2208 | </xs:complexType> | |
2209 | </xs:element> | |
2210 | <xs:element name="remove" vs:help="configuration/system.web/membership/providers/remove"> | |
2211 | <xs:complexType> | |
2212 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2213 | </xs:complexType> | |
2214 | </xs:element> | |
2215 | <xs:element name="clear" vs:help="configuration/system.web/membership/providers/clear"> | |
2216 | <xs:complexType> | |
2217 | <!--tag is empty--> | |
2218 | </xs:complexType> | |
2219 | </xs:element> | |
2220 | </xs:choice> | |
2221 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2222 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2223 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2224 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2225 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2226 | </xs:complexType> | |
2227 | </xs:element> | |
2228 | </xs:choice> | |
2229 | <xs:attribute name="defaultProvider" use="optional"> | |
2230 | <xs:simpleType> | |
2231 | <xs:restriction base="xs:string"> | |
2232 | <xs:minLength value="1" /> | |
2233 | </xs:restriction> | |
2234 | </xs:simpleType> | |
2235 | </xs:attribute> | |
2236 | <xs:attribute name="hashAlgorithmType" type="xs:string" use="optional" /> | |
2237 | <xs:attribute name="userIsOnlineTimeWindow" use="optional"> | |
2238 | <xs:simpleType> | |
2239 | <xs:restriction base="xs:string"> | |
2240 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
2241 | </xs:restriction> | |
2242 | </xs:simpleType> | |
2243 | </xs:attribute> | |
2244 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2245 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2246 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2247 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2248 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2249 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2250 | </xs:complexType> | |
2251 | </xs:element> | |
2252 | <xs:element name="mobileControls" vs:help="configuration/system.web/mobileControls"> | |
2253 | <xs:complexType> | |
2254 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2255 | <xs:element name="device" vs:help="configuration/system.web/mobileControls/device"> | |
2256 | <xs:complexType> | |
2257 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2258 | <xs:element name="control" vs:help="configuration/system.web/mobileControls/DeviceElement/control"> | |
2259 | <xs:complexType> | |
2260 | <xs:attribute name="adapter" type="xs:string" use="required" /> | |
2261 | <xs:attribute name="name" use="required"> | |
2262 | <xs:simpleType> | |
2263 | <xs:restriction base="xs:string"> | |
2264 | <xs:minLength value="1" /> | |
2265 | </xs:restriction> | |
2266 | </xs:simpleType> | |
2267 | </xs:attribute> | |
2268 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2269 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2270 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2271 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2272 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2273 | </xs:complexType> | |
2274 | </xs:element> | |
2275 | <xs:element name="remove" vs:help="configuration/system.web/mobileControls/DeviceElement/remove"> | |
2276 | <xs:complexType> | |
2277 | <xs:attribute name="name" use="required"> | |
2278 | <xs:simpleType> | |
2279 | <xs:restriction base="xs:string"> | |
2280 | <xs:minLength value="1" /> | |
2281 | </xs:restriction> | |
2282 | </xs:simpleType> | |
2283 | </xs:attribute> | |
2284 | </xs:complexType> | |
2285 | </xs:element> | |
2286 | <xs:element name="clear" vs:help="configuration/system.web/mobileControls/DeviceElement/clear"> | |
2287 | <xs:complexType> | |
2288 | <!--tag is empty--> | |
2289 | </xs:complexType> | |
2290 | </xs:element> | |
2291 | </xs:choice> | |
2292 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2293 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2294 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2295 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2296 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2297 | <xs:attribute name="inheritsFrom" use="optional"> | |
2298 | <xs:simpleType> | |
2299 | <xs:restriction base="xs:string"> | |
2300 | <xs:minLength value="1" /> | |
2301 | </xs:restriction> | |
2302 | </xs:simpleType> | |
2303 | </xs:attribute> | |
2304 | <xs:attribute name="name" use="required"> | |
2305 | <xs:simpleType> | |
2306 | <xs:restriction base="xs:string"> | |
2307 | <xs:minLength value="1" /> | |
2308 | </xs:restriction> | |
2309 | </xs:simpleType> | |
2310 | </xs:attribute> | |
2311 | <xs:attribute name="pageAdapter" type="xs:string" use="optional" /> | |
2312 | <xs:attribute name="predicateClass" type="xs:string" use="optional" /> | |
2313 | <xs:attribute name="predicateMethod" use="optional"> | |
2314 | <xs:simpleType> | |
2315 | <xs:restriction base="xs:string"> | |
2316 | <xs:minLength value="1" /> | |
2317 | </xs:restriction> | |
2318 | </xs:simpleType> | |
2319 | </xs:attribute> | |
2320 | </xs:complexType> | |
2321 | </xs:element> | |
2322 | <xs:element name="remove" vs:help="configuration/system.web/mobileControls/remove"> | |
2323 | <xs:complexType> | |
2324 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2325 | <xs:element name="control" vs:help="configuration/system.web/mobileControls/DeviceElement/control"> | |
2326 | <xs:complexType> | |
2327 | <xs:attribute name="adapter" type="xs:string" use="required" /> | |
2328 | <xs:attribute name="name" use="required"> | |
2329 | <xs:simpleType> | |
2330 | <xs:restriction base="xs:string"> | |
2331 | <xs:minLength value="1" /> | |
2332 | </xs:restriction> | |
2333 | </xs:simpleType> | |
2334 | </xs:attribute> | |
2335 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2336 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2337 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2338 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2339 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2340 | </xs:complexType> | |
2341 | </xs:element> | |
2342 | <xs:element name="remove" vs:help="configuration/system.web/mobileControls/DeviceElement/remove"> | |
2343 | <xs:complexType> | |
2344 | <xs:attribute name="name" use="required"> | |
2345 | <xs:simpleType> | |
2346 | <xs:restriction base="xs:string"> | |
2347 | <xs:minLength value="1" /> | |
2348 | </xs:restriction> | |
2349 | </xs:simpleType> | |
2350 | </xs:attribute> | |
2351 | </xs:complexType> | |
2352 | </xs:element> | |
2353 | <xs:element name="clear" vs:help="configuration/system.web/mobileControls/DeviceElement/clear"> | |
2354 | <xs:complexType> | |
2355 | <!--tag is empty--> | |
2356 | </xs:complexType> | |
2357 | </xs:element> | |
2358 | </xs:choice> | |
2359 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2360 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2361 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2362 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2363 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2364 | <xs:attribute name="name" use="required"> | |
2365 | <xs:simpleType> | |
2366 | <xs:restriction base="xs:string"> | |
2367 | <xs:minLength value="1" /> | |
2368 | </xs:restriction> | |
2369 | </xs:simpleType> | |
2370 | </xs:attribute> | |
2371 | </xs:complexType> | |
2372 | </xs:element> | |
2373 | <xs:element name="clear" vs:help="configuration/system.web/mobileControls/clear"> | |
2374 | <xs:complexType> | |
2375 | <!--tag is empty--> | |
2376 | </xs:complexType> | |
2377 | </xs:element> | |
2378 | </xs:choice> | |
2379 | <xs:attribute name="allowCustomAttributes" type="small_boolean_Type" use="optional" /> | |
2380 | <xs:attribute name="cookielessDataDictionaryType" type="xs:string" use="optional" /> | |
2381 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2382 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2383 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2384 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2385 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2386 | <xs:attribute name="sessionStateHistorySize" use="optional"> | |
2387 | <xs:simpleType> | |
2388 | <xs:restriction base="xs:int"> | |
2389 | <xs:minInclusive value="0" /> | |
2390 | </xs:restriction> | |
2391 | </xs:simpleType> | |
2392 | </xs:attribute> | |
2393 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2394 | </xs:complexType> | |
2395 | </xs:element> | |
2396 | <xs:element name="pages" vs:help="configuration/system.web/pages"> | |
2397 | <xs:complexType> | |
2398 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2399 | <xs:element name="controls" vs:help="configuration/system.web/pages/controls"> | |
2400 | <xs:complexType> | |
2401 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2402 | <xs:element name="add" vs:help="configuration/system.web/pages/controls/add"> | |
2403 | <xs:complexType> | |
2404 | <xs:attribute name="assembly" type="xs:string" use="optional" /> | |
2405 | <xs:attribute name="namespace" type="xs:string" use="optional" /> | |
2406 | <xs:attribute name="src" type="xs:string" use="optional" /> | |
2407 | <xs:attribute name="tagName" type="xs:string" use="optional" /> | |
2408 | <xs:attribute name="tagPrefix" use="required"> | |
2409 | <xs:simpleType> | |
2410 | <xs:restriction base="xs:string"> | |
2411 | <xs:minLength value="1" /> | |
2412 | </xs:restriction> | |
2413 | </xs:simpleType> | |
2414 | </xs:attribute> | |
2415 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2416 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2417 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2418 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2419 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2420 | </xs:complexType> | |
2421 | </xs:element> | |
2422 | </xs:choice> | |
2423 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2424 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2425 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2426 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2427 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2428 | </xs:complexType> | |
2429 | </xs:element> | |
2430 | <xs:element name="namespaces" vs:help="configuration/system.web/pages/namespaces"> | |
2431 | <xs:complexType> | |
2432 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2433 | <xs:element name="add" vs:help="configuration/system.web/pages/namespaces/add"> | |
2434 | <xs:complexType> | |
2435 | <xs:attribute name="namespace" use="required"> | |
2436 | <xs:simpleType> | |
2437 | <xs:restriction base="xs:string"> | |
2438 | <xs:minLength value="1" /> | |
2439 | </xs:restriction> | |
2440 | </xs:simpleType> | |
2441 | </xs:attribute> | |
2442 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2443 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2444 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2445 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2446 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2447 | </xs:complexType> | |
2448 | </xs:element> | |
2449 | <xs:element name="remove" vs:help="configuration/system.web/pages/namespaces/remove"> | |
2450 | <xs:complexType> | |
2451 | <xs:attribute name="namespace" use="required"> | |
2452 | <xs:simpleType> | |
2453 | <xs:restriction base="xs:string"> | |
2454 | <xs:minLength value="1" /> | |
2455 | </xs:restriction> | |
2456 | </xs:simpleType> | |
2457 | </xs:attribute> | |
2458 | </xs:complexType> | |
2459 | </xs:element> | |
2460 | <xs:element name="clear" vs:help="configuration/system.web/pages/namespaces/clear"> | |
2461 | <xs:complexType> | |
2462 | <!--tag is empty--> | |
2463 | </xs:complexType> | |
2464 | </xs:element> | |
2465 | </xs:choice> | |
2466 | <xs:attribute name="autoImportVBNamespace" type="small_boolean_Type" use="optional" /> | |
2467 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2468 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2469 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2470 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2471 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2472 | </xs:complexType> | |
2473 | </xs:element> | |
2474 | <xs:element name="tagMapping" vs:help="configuration/system.web/pages/tagMapping"> | |
2475 | <xs:complexType> | |
2476 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2477 | <xs:element name="add" vs:help="configuration/system.web/pages/tagMapping/add"> | |
2478 | <xs:complexType> | |
2479 | <xs:attribute name="mappedTagType" use="optional"> | |
2480 | <xs:simpleType> | |
2481 | <xs:restriction base="xs:string"> | |
2482 | <xs:minLength value="1" /> | |
2483 | </xs:restriction> | |
2484 | </xs:simpleType> | |
2485 | </xs:attribute> | |
2486 | <xs:attribute name="tagType" use="required"> | |
2487 | <xs:simpleType> | |
2488 | <xs:restriction base="xs:string"> | |
2489 | <xs:minLength value="1" /> | |
2490 | </xs:restriction> | |
2491 | </xs:simpleType> | |
2492 | </xs:attribute> | |
2493 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2494 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2495 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2496 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2497 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2498 | </xs:complexType> | |
2499 | </xs:element> | |
2500 | <xs:element name="remove" vs:help="configuration/system.web/pages/tagMapping/remove"> | |
2501 | <xs:complexType> | |
2502 | <xs:attribute name="tagType" use="required"> | |
2503 | <xs:simpleType> | |
2504 | <xs:restriction base="xs:string"> | |
2505 | <xs:minLength value="1" /> | |
2506 | </xs:restriction> | |
2507 | </xs:simpleType> | |
2508 | </xs:attribute> | |
2509 | </xs:complexType> | |
2510 | </xs:element> | |
2511 | <xs:element name="clear" vs:help="configuration/system.web/pages/tagMapping/clear"> | |
2512 | <xs:complexType> | |
2513 | <!--tag is empty--> | |
2514 | </xs:complexType> | |
2515 | </xs:element> | |
2516 | </xs:choice> | |
2517 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2518 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2519 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2520 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2521 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2522 | </xs:complexType> | |
2523 | </xs:element> | |
2524 | </xs:choice> | |
2525 | <xs:attribute name="asyncTimeout" use="optional"> | |
2526 | <xs:simpleType> | |
2527 | <xs:restriction base="xs:string"> | |
2528 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
2529 | </xs:restriction> | |
2530 | </xs:simpleType> | |
2531 | </xs:attribute> | |
2532 | <xs:attribute name="autoEventWireup" type="small_boolean_Type" use="optional" /> | |
2533 | <xs:attribute name="buffer" type="small_boolean_Type" use="optional" /> | |
2534 | <xs:attribute name="compilationMode" use="optional"> | |
2535 | <xs:simpleType> | |
2536 | <xs:restriction base="xs:NMTOKEN"> | |
2537 | <xs:enumeration value="Always" /> | |
2538 | <xs:enumeration value="Auto" /> | |
2539 | <xs:enumeration value="Never" /> | |
2540 | </xs:restriction> | |
2541 | </xs:simpleType> | |
2542 | </xs:attribute> | |
2543 | <xs:attribute name="enableEventValidation" type="small_boolean_Type" use="optional" /> | |
2544 | <xs:attribute name="enableSessionState" use="optional"> | |
2545 | <xs:simpleType> | |
2546 | <xs:restriction base="xs:NMTOKEN"> | |
2547 | <xs:enumeration value="false" /> | |
2548 | <xs:enumeration value="ReadOnly" /> | |
2549 | <xs:enumeration value="true" /> | |
2550 | </xs:restriction> | |
2551 | </xs:simpleType> | |
2552 | </xs:attribute> | |
2553 | <xs:attribute name="enableViewState" type="small_boolean_Type" use="optional" /> | |
2554 | <xs:attribute name="enableViewStateMac" type="small_boolean_Type" use="optional" /> | |
2555 | <xs:attribute name="maintainScrollPositionOnPostBack" type="small_boolean_Type" use="optional" /> | |
2556 | <xs:attribute name="masterPageFile" type="xs:string" use="optional" /> | |
2557 | <xs:attribute name="maxPageStateFieldLength" type="xs:int" use="optional" /> | |
2558 | <xs:attribute name="pageBaseType" type="xs:string" use="optional" /> | |
2559 | <xs:attribute name="pageParserFilterType" type="xs:string" use="optional" /> | |
2560 | <xs:attribute name="smartNavigation" type="small_boolean_Type" use="optional" /> | |
2561 | <xs:attribute name="styleSheetTheme" type="xs:string" use="optional" /> | |
2562 | <xs:attribute name="theme" type="xs:string" use="optional" /> | |
2563 | <xs:attribute name="userControlBaseType" type="xs:string" use="optional" /> | |
2564 | <xs:attribute name="validateRequest" type="small_boolean_Type" use="optional" /> | |
2565 | <xs:attribute name="viewStateEncryptionMode" use="optional"> | |
2566 | <xs:simpleType> | |
2567 | <xs:restriction base="xs:NMTOKEN"> | |
2568 | <xs:enumeration value="Always" /> | |
2569 | <xs:enumeration value="Auto" /> | |
2570 | <xs:enumeration value="Never" /> | |
2571 | </xs:restriction> | |
2572 | </xs:simpleType> | |
2573 | </xs:attribute> | |
2574 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2575 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2576 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2577 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2578 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2579 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2580 | </xs:complexType> | |
2581 | </xs:element> | |
2582 | <xs:element name="processModel" vs:help="configuration/system.web/processModel"> | |
2583 | <xs:complexType> | |
2584 | <xs:attribute name="autoConfig" type="small_boolean_Type" use="optional" /> | |
2585 | <xs:attribute name="clientConnectedCheck" type="xs:string" use="optional" /> | |
2586 | <xs:attribute name="comAuthenticationLevel" use="optional"> | |
2587 | <xs:simpleType> | |
2588 | <xs:restriction base="xs:NMTOKEN"> | |
2589 | <xs:enumeration value="Call" /> | |
2590 | <xs:enumeration value="Connect" /> | |
2591 | <xs:enumeration value="Default" /> | |
2592 | <xs:enumeration value="None" /> | |
2593 | <xs:enumeration value="Pkt" /> | |
2594 | <xs:enumeration value="PktIntegrity" /> | |
2595 | <xs:enumeration value="PktPrivacy" /> | |
2596 | </xs:restriction> | |
2597 | </xs:simpleType> | |
2598 | </xs:attribute> | |
2599 | <xs:attribute name="comImpersonationLevel" use="optional"> | |
2600 | <xs:simpleType> | |
2601 | <xs:restriction base="xs:NMTOKEN"> | |
2602 | <xs:enumeration value="Anonymous" /> | |
2603 | <xs:enumeration value="Default" /> | |
2604 | <xs:enumeration value="Delegate" /> | |
2605 | <xs:enumeration value="Identify" /> | |
2606 | <xs:enumeration value="Impersonate" /> | |
2607 | </xs:restriction> | |
2608 | </xs:simpleType> | |
2609 | </xs:attribute> | |
2610 | <xs:attribute name="cpuMask" type="xs:int" use="optional" /> | |
2611 | <xs:attribute name="enable" type="small_boolean_Type" use="optional" /> | |
2612 | <xs:attribute name="idleTimeout" type="xs:string" use="optional" /> | |
2613 | <xs:attribute name="logLevel" use="optional"> | |
2614 | <xs:simpleType> | |
2615 | <xs:restriction base="xs:NMTOKEN"> | |
2616 | <xs:enumeration value="All" /> | |
2617 | <xs:enumeration value="Errors" /> | |
2618 | <xs:enumeration value="None" /> | |
2619 | </xs:restriction> | |
2620 | </xs:simpleType> | |
2621 | </xs:attribute> | |
2622 | <xs:attribute name="maxAppDomains" use="optional"> | |
2623 | <xs:simpleType> | |
2624 | <xs:restriction base="xs:int"> | |
2625 | <xs:minInclusive value="1" /> | |
2626 | <xs:maxInclusive value="2147483646" /> | |
2627 | </xs:restriction> | |
2628 | </xs:simpleType> | |
2629 | </xs:attribute> | |
2630 | <xs:attribute name="maxIoThreads" use="optional"> | |
2631 | <xs:simpleType> | |
2632 | <xs:restriction base="xs:int"> | |
2633 | <xs:minInclusive value="1" /> | |
2634 | <xs:maxInclusive value="2147483646" /> | |
2635 | </xs:restriction> | |
2636 | </xs:simpleType> | |
2637 | </xs:attribute> | |
2638 | <xs:attribute name="maxWorkerThreads" use="optional"> | |
2639 | <xs:simpleType> | |
2640 | <xs:restriction base="xs:int"> | |
2641 | <xs:minInclusive value="1" /> | |
2642 | <xs:maxInclusive value="2147483646" /> | |
2643 | </xs:restriction> | |
2644 | </xs:simpleType> | |
2645 | </xs:attribute> | |
2646 | <xs:attribute name="memoryLimit" type="xs:int" use="optional" /> | |
2647 | <xs:attribute name="minIoThreads" use="optional"> | |
2648 | <xs:simpleType> | |
2649 | <xs:restriction base="xs:int"> | |
2650 | <xs:minInclusive value="1" /> | |
2651 | <xs:maxInclusive value="2147483646" /> | |
2652 | </xs:restriction> | |
2653 | </xs:simpleType> | |
2654 | </xs:attribute> | |
2655 | <xs:attribute name="minWorkerThreads" use="optional"> | |
2656 | <xs:simpleType> | |
2657 | <xs:restriction base="xs:int"> | |
2658 | <xs:minInclusive value="1" /> | |
2659 | <xs:maxInclusive value="2147483646" /> | |
2660 | </xs:restriction> | |
2661 | </xs:simpleType> | |
2662 | </xs:attribute> | |
2663 | <xs:attribute name="password" type="xs:string" use="optional" /> | |
2664 | <xs:attribute name="pingFrequency" type="xs:string" use="optional" /> | |
2665 | <xs:attribute name="pingTimeout" type="xs:string" use="optional" /> | |
2666 | <xs:attribute name="requestLimit" use="optional"> | |
2667 | <xs:simpleType> | |
2668 | <xs:union memberTypes="xs:int Infinite"> | |
2669 | <xs:simpleType> | |
2670 | <xs:restriction base="xs:int"> | |
2671 | <xs:minInclusive value="0" /> | |
2672 | </xs:restriction> | |
2673 | </xs:simpleType> | |
2674 | </xs:union> | |
2675 | </xs:simpleType> | |
2676 | </xs:attribute> | |
2677 | <xs:attribute name="requestQueueLimit" use="optional"> | |
2678 | <xs:simpleType> | |
2679 | <xs:union memberTypes="xs:int Infinite"> | |
2680 | <xs:simpleType> | |
2681 | <xs:restriction base="xs:int"> | |
2682 | <xs:minInclusive value="0" /> | |
2683 | </xs:restriction> | |
2684 | </xs:simpleType> | |
2685 | </xs:union> | |
2686 | </xs:simpleType> | |
2687 | </xs:attribute> | |
2688 | <xs:attribute name="responseDeadlockInterval" use="optional"> | |
2689 | <xs:simpleType> | |
2690 | <xs:restriction base="xs:string"> | |
2691 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
2692 | </xs:restriction> | |
2693 | </xs:simpleType> | |
2694 | </xs:attribute> | |
2695 | <xs:attribute name="responseRestartDeadlockInterval" type="xs:string" use="optional" /> | |
2696 | <xs:attribute name="restartQueueLimit" use="optional"> | |
2697 | <xs:simpleType> | |
2698 | <xs:union memberTypes="xs:int Infinite"> | |
2699 | <xs:simpleType> | |
2700 | <xs:restriction base="xs:int"> | |
2701 | <xs:minInclusive value="0" /> | |
2702 | </xs:restriction> | |
2703 | </xs:simpleType> | |
2704 | </xs:union> | |
2705 | </xs:simpleType> | |
2706 | </xs:attribute> | |
2707 | <xs:attribute name="serverErrorMessageFile" type="xs:string" use="optional" /> | |
2708 | <xs:attribute name="shutdownTimeout" use="optional"> | |
2709 | <xs:simpleType> | |
2710 | <xs:restriction base="xs:string"> | |
2711 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
2712 | </xs:restriction> | |
2713 | </xs:simpleType> | |
2714 | </xs:attribute> | |
2715 | <xs:attribute name="timeout" type="xs:string" use="optional" /> | |
2716 | <xs:attribute name="userName" type="xs:string" use="optional" /> | |
2717 | <xs:attribute name="webGarden" type="small_boolean_Type" use="optional" /> | |
2718 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2719 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2720 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2721 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2722 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2723 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2724 | </xs:complexType> | |
2725 | </xs:element> | |
2726 | <xs:element name="profile" vs:help="configuration/system.web/profile"> | |
2727 | <xs:complexType> | |
2728 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2729 | <xs:element name="properties" vs:help="configuration/system.web/profile/properties"> | |
2730 | <xs:complexType> | |
2731 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2732 | <xs:element name="add" vs:help="configuration/system.web/profile/properties/add"> | |
2733 | <xs:complexType> | |
2734 | <xs:attribute name="allowAnonymous" type="small_boolean_Type" use="optional" /> | |
2735 | <xs:attribute name="customProviderData" type="xs:string" use="optional" /> | |
2736 | <xs:attribute name="defaultValue" type="xs:string" use="optional" /> | |
2737 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2738 | <xs:attribute name="provider" type="xs:string" use="optional" /> | |
2739 | <xs:attribute name="readOnly" type="small_boolean_Type" use="optional" /> | |
2740 | <xs:attribute name="serializeAs" use="optional"> | |
2741 | <xs:simpleType> | |
2742 | <xs:restriction base="xs:NMTOKEN"> | |
2743 | <xs:enumeration value="Binary" /> | |
2744 | <xs:enumeration value="ProviderSpecific" /> | |
2745 | <xs:enumeration value="String" /> | |
2746 | <xs:enumeration value="Xml" /> | |
2747 | </xs:restriction> | |
2748 | </xs:simpleType> | |
2749 | </xs:attribute> | |
2750 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
2751 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2752 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2753 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2754 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2755 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2756 | </xs:complexType> | |
2757 | </xs:element> | |
2758 | <xs:element name="remove" vs:help="configuration/system.web/profile/properties/remove"> | |
2759 | <xs:complexType> | |
2760 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2761 | </xs:complexType> | |
2762 | </xs:element> | |
2763 | <xs:element name="clear" vs:help="configuration/system.web/profile/properties/clear"> | |
2764 | <xs:complexType> | |
2765 | <!--tag is empty--> | |
2766 | </xs:complexType> | |
2767 | </xs:element> | |
2768 | <xs:element name="group" vs:help="configuration/system.web/profile/properties/group/group"> | |
2769 | <xs:complexType> | |
2770 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2771 | <xs:element name="add" vs:help="configuration/system.web/profile/properties/group/ProfileGroupSettings/add"> | |
2772 | <xs:complexType> | |
2773 | <xs:attribute name="allowAnonymous" type="small_boolean_Type" use="optional" /> | |
2774 | <xs:attribute name="customProviderData" type="xs:string" use="optional" /> | |
2775 | <xs:attribute name="defaultValue" type="xs:string" use="optional" /> | |
2776 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2777 | <xs:attribute name="provider" type="xs:string" use="optional" /> | |
2778 | <xs:attribute name="readOnly" type="small_boolean_Type" use="optional" /> | |
2779 | <xs:attribute name="serializeAs" use="optional"> | |
2780 | <xs:simpleType> | |
2781 | <xs:restriction base="xs:NMTOKEN"> | |
2782 | <xs:enumeration value="Binary" /> | |
2783 | <xs:enumeration value="ProviderSpecific" /> | |
2784 | <xs:enumeration value="String" /> | |
2785 | <xs:enumeration value="Xml" /> | |
2786 | </xs:restriction> | |
2787 | </xs:simpleType> | |
2788 | </xs:attribute> | |
2789 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
2790 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2791 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2792 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2793 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2794 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2795 | </xs:complexType> | |
2796 | </xs:element> | |
2797 | <xs:element name="remove" vs:help="configuration/system.web/profile/properties/group/ProfileGroupSettings/remove"> | |
2798 | <xs:complexType> | |
2799 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2800 | </xs:complexType> | |
2801 | </xs:element> | |
2802 | <xs:element name="clear" vs:help="configuration/system.web/profile/properties/group/ProfileGroupSettings/clear"> | |
2803 | <xs:complexType> | |
2804 | <!--tag is empty--> | |
2805 | </xs:complexType> | |
2806 | </xs:element> | |
2807 | </xs:choice> | |
2808 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2809 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2810 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2811 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2812 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2813 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2814 | </xs:complexType> | |
2815 | </xs:element> | |
2816 | </xs:choice> | |
2817 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2818 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2819 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2820 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2821 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2822 | </xs:complexType> | |
2823 | </xs:element> | |
2824 | <xs:element name="providers" vs:help="configuration/system.web/profile/providers"> | |
2825 | <xs:complexType> | |
2826 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2827 | <xs:element name="add" vs:help="configuration/system.web/profile/providers/add"> | |
2828 | <xs:complexType> | |
2829 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2830 | <xs:attribute name="type" type="xs:string" use="required" /> | |
2831 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2832 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2833 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2834 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2835 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2836 | <xs:anyAttribute processContents="skip" /> | |
2837 | </xs:complexType> | |
2838 | </xs:element> | |
2839 | <xs:element name="remove" vs:help="configuration/system.web/profile/providers/remove"> | |
2840 | <xs:complexType> | |
2841 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2842 | </xs:complexType> | |
2843 | </xs:element> | |
2844 | <xs:element name="clear" vs:help="configuration/system.web/profile/providers/clear"> | |
2845 | <xs:complexType> | |
2846 | <!--tag is empty--> | |
2847 | </xs:complexType> | |
2848 | </xs:element> | |
2849 | </xs:choice> | |
2850 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2851 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2852 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2853 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2854 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2855 | </xs:complexType> | |
2856 | </xs:element> | |
2857 | </xs:choice> | |
2858 | <xs:attribute name="automaticSaveEnabled" type="small_boolean_Type" use="optional" /> | |
2859 | <xs:attribute name="defaultProvider" use="optional"> | |
2860 | <xs:simpleType> | |
2861 | <xs:restriction base="xs:string"> | |
2862 | <xs:minLength value="1" /> | |
2863 | </xs:restriction> | |
2864 | </xs:simpleType> | |
2865 | </xs:attribute> | |
2866 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
2867 | <xs:attribute name="inherits" type="xs:string" use="optional" /> | |
2868 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2869 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2870 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2871 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2872 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2873 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2874 | </xs:complexType> | |
2875 | </xs:element> | |
2876 | <xs:element name="roleManager" vs:help="configuration/system.web/roleManager"> | |
2877 | <xs:complexType> | |
2878 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2879 | <xs:element name="providers" vs:help="configuration/system.web/roleManager/providers"> | |
2880 | <xs:complexType> | |
2881 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2882 | <xs:element name="add" vs:help="configuration/system.web/roleManager/providers/add"> | |
2883 | <xs:complexType> | |
2884 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2885 | <xs:attribute name="type" type="xs:string" use="required" /> | |
2886 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2887 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2888 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2889 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2890 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2891 | <xs:anyAttribute processContents="skip" /> | |
2892 | </xs:complexType> | |
2893 | </xs:element> | |
2894 | <xs:element name="remove" vs:help="configuration/system.web/roleManager/providers/remove"> | |
2895 | <xs:complexType> | |
2896 | <xs:attribute name="name" type="xs:string" use="required" /> | |
2897 | </xs:complexType> | |
2898 | </xs:element> | |
2899 | <xs:element name="clear" vs:help="configuration/system.web/roleManager/providers/clear"> | |
2900 | <xs:complexType> | |
2901 | <!--tag is empty--> | |
2902 | </xs:complexType> | |
2903 | </xs:element> | |
2904 | </xs:choice> | |
2905 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2906 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2907 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2908 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2909 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2910 | </xs:complexType> | |
2911 | </xs:element> | |
2912 | </xs:choice> | |
2913 | <xs:attribute name="cacheRolesInCookie" type="small_boolean_Type" use="optional" /> | |
2914 | <xs:attribute name="cookieName" use="optional"> | |
2915 | <xs:simpleType> | |
2916 | <xs:restriction base="xs:string"> | |
2917 | <xs:minLength value="1" /> | |
2918 | <xs:whiteSpace value="collapse" /> | |
2919 | </xs:restriction> | |
2920 | </xs:simpleType> | |
2921 | </xs:attribute> | |
2922 | <xs:attribute name="cookiePath" use="optional"> | |
2923 | <xs:simpleType> | |
2924 | <xs:restriction base="xs:string"> | |
2925 | <xs:minLength value="1" /> | |
2926 | <xs:whiteSpace value="collapse" /> | |
2927 | </xs:restriction> | |
2928 | </xs:simpleType> | |
2929 | </xs:attribute> | |
2930 | <xs:attribute name="cookieProtection" use="optional"> | |
2931 | <xs:simpleType> | |
2932 | <xs:restriction base="xs:NMTOKEN"> | |
2933 | <xs:enumeration value="All" /> | |
2934 | <xs:enumeration value="Encryption" /> | |
2935 | <xs:enumeration value="None" /> | |
2936 | <xs:enumeration value="Validation" /> | |
2937 | </xs:restriction> | |
2938 | </xs:simpleType> | |
2939 | </xs:attribute> | |
2940 | <xs:attribute name="cookieRequireSSL" type="small_boolean_Type" use="optional" /> | |
2941 | <xs:attribute name="cookieSlidingExpiration" type="small_boolean_Type" use="optional" /> | |
2942 | <xs:attribute name="cookieTimeout" use="optional"> | |
2943 | <xs:simpleType> | |
2944 | <xs:restriction base="xs:string"> | |
2945 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
2946 | </xs:restriction> | |
2947 | </xs:simpleType> | |
2948 | </xs:attribute> | |
2949 | <xs:attribute name="createPersistentCookie" type="small_boolean_Type" use="optional" /> | |
2950 | <xs:attribute name="defaultProvider" use="optional"> | |
2951 | <xs:simpleType> | |
2952 | <xs:restriction base="xs:string"> | |
2953 | <xs:minLength value="1" /> | |
2954 | <xs:whiteSpace value="collapse" /> | |
2955 | </xs:restriction> | |
2956 | </xs:simpleType> | |
2957 | </xs:attribute> | |
2958 | <xs:attribute name="domain" type="xs:string" use="optional" /> | |
2959 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
2960 | <xs:attribute name="maxCachedResults" type="xs:int" use="optional" /> | |
2961 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2962 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2963 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2964 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2965 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2966 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2967 | </xs:complexType> | |
2968 | </xs:element> | |
2969 | <xs:element name="securityPolicy" vs:help="configuration/system.web/securityPolicy"> | |
2970 | <xs:complexType> | |
2971 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
2972 | <xs:element name="trustLevel" vs:help="configuration/system.web/securityPolicy/trustLevel"> | |
2973 | <xs:complexType> | |
2974 | <xs:attribute name="name" use="required"> | |
2975 | <xs:simpleType> | |
2976 | <xs:restriction base="xs:string"> | |
2977 | <xs:minLength value="1" /> | |
2978 | </xs:restriction> | |
2979 | </xs:simpleType> | |
2980 | </xs:attribute> | |
2981 | <xs:attribute name="policyFile" type="xs:string" use="required" /> | |
2982 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2983 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2984 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2985 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2986 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2987 | </xs:complexType> | |
2988 | </xs:element> | |
2989 | </xs:choice> | |
2990 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
2991 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
2992 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
2993 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
2994 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
2995 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
2996 | </xs:complexType> | |
2997 | </xs:element> | |
2998 | <xs:element name="sessionPageState" vs:help="configuration/system.web/sessionPageState"> | |
2999 | <xs:complexType> | |
3000 | <xs:attribute name="historySize" use="optional"> | |
3001 | <xs:simpleType> | |
3002 | <xs:restriction base="xs:int"> | |
3003 | <xs:minInclusive value="1" /> | |
3004 | </xs:restriction> | |
3005 | </xs:simpleType> | |
3006 | </xs:attribute> | |
3007 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3008 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3009 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3010 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3011 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3012 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3013 | </xs:complexType> | |
3014 | </xs:element> | |
3015 | <xs:element name="sessionState" vs:help="configuration/system.web/sessionState"> | |
3016 | <xs:complexType> | |
3017 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3018 | <xs:element name="providers" vs:help="configuration/system.web/sessionState/providers"> | |
3019 | <xs:complexType> | |
3020 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3021 | <xs:element name="add" vs:help="configuration/system.web/sessionState/providers/add"> | |
3022 | <xs:complexType> | |
3023 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3024 | <xs:attribute name="type" type="xs:string" use="required" /> | |
3025 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3026 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3027 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3028 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3029 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3030 | </xs:complexType> | |
3031 | </xs:element> | |
3032 | <xs:element name="remove" vs:help="configuration/system.web/sessionState/providers/remove"> | |
3033 | <xs:complexType> | |
3034 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3035 | </xs:complexType> | |
3036 | </xs:element> | |
3037 | <xs:element name="clear" vs:help="configuration/system.web/sessionState/providers/clear"> | |
3038 | <xs:complexType> | |
3039 | <!--tag is empty--> | |
3040 | </xs:complexType> | |
3041 | </xs:element> | |
3042 | </xs:choice> | |
3043 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3044 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3045 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3046 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3047 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3048 | </xs:complexType> | |
3049 | </xs:element> | |
3050 | </xs:choice> | |
3051 | <xs:attribute name="allowCustomSqlDatabase" type="small_boolean_Type" use="optional" /> | |
3052 | <xs:attribute name="cookieless" use="optional"> | |
3053 | <xs:simpleType> | |
3054 | <xs:restriction base="xs:NMTOKEN"> | |
3055 | <xs:enumeration value="AutoDetect" /> | |
3056 | <xs:enumeration value="UseCookies" /> | |
3057 | <xs:enumeration value="UseDeviceProfile" /> | |
3058 | <xs:enumeration value="UseUri" /> | |
3059 | <xs:enumeration value="true" /> | |
3060 | <xs:enumeration value="false" /> | |
3061 | </xs:restriction> | |
3062 | </xs:simpleType> | |
3063 | </xs:attribute> | |
3064 | <xs:attribute name="cookieName" type="xs:string" use="optional" /> | |
3065 | <xs:attribute name="customProvider" type="xs:string" use="optional" /> | |
3066 | <xs:attribute name="mode" use="optional"> | |
3067 | <xs:simpleType> | |
3068 | <xs:restriction base="xs:NMTOKEN"> | |
3069 | <xs:enumeration value="Custom" /> | |
3070 | <xs:enumeration value="InProc" /> | |
3071 | <xs:enumeration value="Off" /> | |
3072 | <xs:enumeration value="SQLServer" /> | |
3073 | <xs:enumeration value="StateServer" /> | |
3074 | </xs:restriction> | |
3075 | </xs:simpleType> | |
3076 | </xs:attribute> | |
3077 | <xs:attribute name="partitionResolverType" type="xs:string" use="optional" /> | |
3078 | <xs:attribute name="regenerateExpiredSessionId" type="small_boolean_Type" use="optional" /> | |
3079 | <xs:attribute name="sessionIDManagerType" type="xs:string" use="optional" /> | |
3080 | <xs:attribute name="sqlCommandTimeout" type="xs:string" use="optional" /> | |
3081 | <xs:attribute name="sqlConnectionString" type="xs:string" use="optional" /> | |
3082 | <xs:attribute name="stateConnectionString" type="xs:string" use="optional" /> | |
3083 | <xs:attribute name="stateNetworkTimeout" type="xs:string" use="optional" /> | |
3084 | <xs:attribute name="timeout" use="optional"> | |
3085 | <xs:simpleType> | |
3086 | <xs:restriction base="xs:string"> | |
3087 | <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" /> | |
3088 | </xs:restriction> | |
3089 | </xs:simpleType> | |
3090 | </xs:attribute> | |
3091 | <xs:attribute name="useHostingIdentity" type="small_boolean_Type" use="optional" /> | |
3092 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3093 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3094 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3095 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3096 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3097 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3098 | </xs:complexType> | |
3099 | </xs:element> | |
3100 | <xs:element name="siteMap" vs:help="configuration/system.web/siteMap"> | |
3101 | <xs:complexType> | |
3102 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3103 | <xs:element name="providers" vs:help="configuration/system.web/siteMap/providers"> | |
3104 | <xs:complexType> | |
3105 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3106 | <xs:element name="add" vs:help="configuration/system.web/siteMap/providers/add"> | |
3107 | <xs:complexType> | |
3108 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3109 | <xs:attribute name="type" type="xs:string" use="required" /> | |
3110 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3111 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3112 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3113 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3114 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3115 | <xs:anyAttribute processContents="skip" /> | |
3116 | </xs:complexType> | |
3117 | </xs:element> | |
3118 | <xs:element name="remove" vs:help="configuration/system.web/siteMap/providers/remove"> | |
3119 | <xs:complexType> | |
3120 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3121 | </xs:complexType> | |
3122 | </xs:element> | |
3123 | <xs:element name="clear" vs:help="configuration/system.web/siteMap/providers/clear"> | |
3124 | <xs:complexType> | |
3125 | <!--tag is empty--> | |
3126 | </xs:complexType> | |
3127 | </xs:element> | |
3128 | </xs:choice> | |
3129 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3130 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3131 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3132 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3133 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3134 | </xs:complexType> | |
3135 | </xs:element> | |
3136 | </xs:choice> | |
3137 | <xs:attribute name="defaultProvider" use="optional"> | |
3138 | <xs:simpleType> | |
3139 | <xs:restriction base="xs:string"> | |
3140 | <xs:minLength value="1" /> | |
3141 | </xs:restriction> | |
3142 | </xs:simpleType> | |
3143 | </xs:attribute> | |
3144 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
3145 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3146 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3147 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3148 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3149 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3150 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3151 | </xs:complexType> | |
3152 | </xs:element> | |
3153 | <xs:element name="trace" vs:help="configuration/system.web/trace"> | |
3154 | <xs:complexType> | |
3155 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
3156 | <xs:attribute name="localOnly" type="small_boolean_Type" use="optional" /> | |
3157 | <xs:attribute name="mostRecent" type="small_boolean_Type" use="optional" /> | |
3158 | <xs:attribute name="pageOutput" type="small_boolean_Type" use="optional" /> | |
3159 | <xs:attribute name="requestLimit" use="optional"> | |
3160 | <xs:simpleType> | |
3161 | <xs:restriction base="xs:int"> | |
3162 | <xs:minInclusive value="0" /> | |
3163 | </xs:restriction> | |
3164 | </xs:simpleType> | |
3165 | </xs:attribute> | |
3166 | <xs:attribute name="traceMode" use="optional"> | |
3167 | <xs:simpleType> | |
3168 | <xs:restriction base="xs:NMTOKEN"> | |
3169 | <xs:enumeration value="SortByCategory" /> | |
3170 | <xs:enumeration value="SortByTime" /> | |
3171 | </xs:restriction> | |
3172 | </xs:simpleType> | |
3173 | </xs:attribute> | |
3174 | <xs:attribute name="writeToDiagnosticsTrace" type="small_boolean_Type" use="optional" /> | |
3175 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3176 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3177 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3178 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3179 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3180 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3181 | </xs:complexType> | |
3182 | </xs:element> | |
3183 | <xs:element name="trust" vs:help="configuration/system.web/trust"> | |
3184 | <xs:complexType> | |
3185 | <xs:attribute name="level" use="required"> | |
3186 | <xs:simpleType> | |
3187 | <xs:restriction base="xs:string"> | |
3188 | <xs:minLength value="1" /> | |
3189 | </xs:restriction> | |
3190 | </xs:simpleType> | |
3191 | </xs:attribute> | |
3192 | <xs:attribute name="originUrl" type="xs:string" use="optional" /> | |
3193 | <xs:attribute name="processRequestInApplicationTrust" type="small_boolean_Type" use="optional" /> | |
3194 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3195 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3196 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3197 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3198 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3199 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3200 | </xs:complexType> | |
3201 | </xs:element> | |
3202 | <xs:element name="urlMappings" vs:help="configuration/system.web/urlMappings"> | |
3203 | <xs:complexType> | |
3204 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3205 | <xs:element name="add" vs:help="configuration/system.web/urlMappings/add"> | |
3206 | <xs:complexType> | |
3207 | <xs:attribute name="mappedUrl" type="xs:string" use="required" /> | |
3208 | <xs:attribute name="url" type="xs:string" use="required" /> | |
3209 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3210 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3211 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3212 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3213 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3214 | </xs:complexType> | |
3215 | </xs:element> | |
3216 | <xs:element name="remove" vs:help="configuration/system.web/urlMappings/remove"> | |
3217 | <xs:complexType> | |
3218 | <xs:attribute name="url" type="xs:string" use="required" /> | |
3219 | </xs:complexType> | |
3220 | </xs:element> | |
3221 | <xs:element name="clear" vs:help="configuration/system.web/urlMappings/clear"> | |
3222 | <xs:complexType> | |
3223 | <!--tag is empty--> | |
3224 | </xs:complexType> | |
3225 | </xs:element> | |
3226 | </xs:choice> | |
3227 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
3228 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3229 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3230 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3231 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3232 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3233 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3234 | </xs:complexType> | |
3235 | </xs:element> | |
3236 | <xs:element name="webControls" vs:help="configuration/system.web/webControls"> | |
3237 | <xs:complexType> | |
3238 | <xs:attribute name="clientScriptsLocation" use="required"> | |
3239 | <xs:simpleType> | |
3240 | <xs:restriction base="xs:string"> | |
3241 | <xs:minLength value="1" /> | |
3242 | </xs:restriction> | |
3243 | </xs:simpleType> | |
3244 | </xs:attribute> | |
3245 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3246 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3247 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3248 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3249 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3250 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3251 | </xs:complexType> | |
3252 | </xs:element> | |
3253 | <xs:element name="webParts" vs:help="configuration/system.web/webParts"> | |
3254 | <xs:complexType> | |
3255 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3256 | <xs:element name="personalization" vs:help="configuration/system.web/webParts/personalization"> | |
3257 | <xs:complexType> | |
3258 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3259 | <xs:element name="authorization" vs:help="configuration/system.web/webParts/personalization/authorization"> | |
3260 | <xs:complexType> | |
3261 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3262 | <xs:element name="allow" vs:help="configuration/system.web/webParts/personalization/authorization/allow"> | |
3263 | <xs:complexType> | |
3264 | <xs:attribute name="roles" type="xs:string" use="optional" /> | |
3265 | <xs:attribute name="users" type="xs:string" use="optional" /> | |
3266 | <xs:attribute name="verbs" type="xs:string" use="optional" /> | |
3267 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3268 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3269 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3270 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3271 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3272 | </xs:complexType> | |
3273 | </xs:element> | |
3274 | <xs:element name="deny" vs:help="configuration/system.web/webParts/personalization/authorization/deny"> | |
3275 | <xs:complexType> | |
3276 | <xs:attribute name="roles" type="xs:string" use="optional" /> | |
3277 | <xs:attribute name="users" type="xs:string" use="optional" /> | |
3278 | <xs:attribute name="verbs" type="xs:string" use="optional" /> | |
3279 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3280 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3281 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3282 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3283 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3284 | </xs:complexType> | |
3285 | </xs:element> | |
3286 | </xs:choice> | |
3287 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3288 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3289 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3290 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3291 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3292 | </xs:complexType> | |
3293 | </xs:element> | |
3294 | <xs:element name="providers" vs:help="configuration/system.web/webParts/personalization/providers"> | |
3295 | <xs:complexType> | |
3296 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3297 | <xs:element name="add" vs:help="configuration/system.web/webParts/personalization/providers/add"> | |
3298 | <xs:complexType> | |
3299 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3300 | <xs:attribute name="type" type="xs:string" use="required" /> | |
3301 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3302 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3303 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3304 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3305 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3306 | <xs:anyAttribute processContents="skip" /> | |
3307 | </xs:complexType> | |
3308 | </xs:element> | |
3309 | <xs:element name="remove" vs:help="configuration/system.web/webParts/personalization/providers/remove"> | |
3310 | <xs:complexType> | |
3311 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3312 | </xs:complexType> | |
3313 | </xs:element> | |
3314 | <xs:element name="clear" vs:help="configuration/system.web/webParts/personalization/providers/clear"> | |
3315 | <xs:complexType> | |
3316 | <!--tag is empty--> | |
3317 | </xs:complexType> | |
3318 | </xs:element> | |
3319 | </xs:choice> | |
3320 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3321 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3322 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3323 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3324 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3325 | </xs:complexType> | |
3326 | </xs:element> | |
3327 | </xs:choice> | |
3328 | <xs:attribute name="defaultProvider" use="optional"> | |
3329 | <xs:simpleType> | |
3330 | <xs:restriction base="xs:string"> | |
3331 | <xs:minLength value="1" /> | |
3332 | </xs:restriction> | |
3333 | </xs:simpleType> | |
3334 | </xs:attribute> | |
3335 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3336 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3337 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3338 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3339 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3340 | </xs:complexType> | |
3341 | </xs:element> | |
3342 | <xs:element name="transformers" vs:help="configuration/system.web/webParts/transformers"> | |
3343 | <xs:complexType> | |
3344 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3345 | <xs:element name="add" vs:help="configuration/system.web/webParts/transformers/add"> | |
3346 | <xs:complexType> | |
3347 | <xs:anyAttribute processContents="skip" /> | |
3348 | </xs:complexType> | |
3349 | </xs:element> | |
3350 | <xs:element name="remove" vs:help="configuration/system.web/webParts/transformers/remove"> | |
3351 | <xs:complexType> | |
3352 | <xs:attribute name="name" use="required"> | |
3353 | <xs:simpleType> | |
3354 | <xs:restriction base="xs:string"> | |
3355 | <xs:minLength value="1" /> | |
3356 | </xs:restriction> | |
3357 | </xs:simpleType> | |
3358 | </xs:attribute> | |
3359 | </xs:complexType> | |
3360 | </xs:element> | |
3361 | <xs:element name="clear" vs:help="configuration/system.web/webParts/transformers/clear"> | |
3362 | <xs:complexType> | |
3363 | <!--tag is empty--> | |
3364 | </xs:complexType> | |
3365 | </xs:element> | |
3366 | </xs:choice> | |
3367 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3368 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3369 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3370 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3371 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3372 | </xs:complexType> | |
3373 | </xs:element> | |
3374 | </xs:choice> | |
3375 | <xs:attribute name="enableExport" type="small_boolean_Type" use="optional" /> | |
3376 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3377 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3378 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3379 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3380 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3381 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3382 | </xs:complexType> | |
3383 | </xs:element> | |
3384 | <xs:element name="webServices" vs:help="configuration/system.web/webServices"> | |
3385 | <xs:complexType> | |
3386 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3387 | <xs:element name="conformanceWarnings" vs:help="configuration/system.web/webServices/conformanceWarnings"> | |
3388 | <xs:complexType> | |
3389 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3390 | <xs:element name="add" vs:help="configuration/system.web/webServices/conformanceWarnings/add"> | |
3391 | <xs:complexType> | |
3392 | <xs:attribute name="name" use="optional"> | |
3393 | <xs:simpleType> | |
3394 | <xs:union> | |
3395 | <xs:simpleType> | |
3396 | <xs:restriction base="xs:NMTOKEN"> | |
3397 | <xs:enumeration value="BasicProfile1_1" /> | |
3398 | <xs:enumeration value="None" /> | |
3399 | </xs:restriction> | |
3400 | </xs:simpleType> | |
3401 | <xs:simpleType> | |
3402 | <xs:restriction base="xs:string" /> | |
3403 | </xs:simpleType> | |
3404 | </xs:union> | |
3405 | </xs:simpleType> | |
3406 | </xs:attribute> | |
3407 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3408 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3409 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3410 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3411 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3412 | </xs:complexType> | |
3413 | </xs:element> | |
3414 | <xs:element name="remove" vs:help="configuration/system.web/webServices/conformanceWarnings/remove"> | |
3415 | <xs:complexType> | |
3416 | <xs:attribute name="name" use="optional"> | |
3417 | <xs:simpleType> | |
3418 | <xs:union> | |
3419 | <xs:simpleType> | |
3420 | <xs:restriction base="xs:NMTOKEN"> | |
3421 | <xs:enumeration value="BasicProfile1_1" /> | |
3422 | <xs:enumeration value="None" /> | |
3423 | </xs:restriction> | |
3424 | </xs:simpleType> | |
3425 | <xs:simpleType> | |
3426 | <xs:restriction base="xs:string" /> | |
3427 | </xs:simpleType> | |
3428 | </xs:union> | |
3429 | </xs:simpleType> | |
3430 | </xs:attribute> | |
3431 | </xs:complexType> | |
3432 | </xs:element> | |
3433 | <xs:element name="clear" vs:help="configuration/system.web/webServices/conformanceWarnings/clear"> | |
3434 | <xs:complexType> | |
3435 | <!--tag is empty--> | |
3436 | </xs:complexType> | |
3437 | </xs:element> | |
3438 | </xs:choice> | |
3439 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3440 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3441 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3442 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3443 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3444 | </xs:complexType> | |
3445 | </xs:element> | |
3446 | <xs:element name="diagnostics" vs:help="configuration/system.web/webServices/diagnostics"> | |
3447 | <xs:complexType> | |
3448 | <xs:attribute name="suppressReturningExceptions" type="small_boolean_Type" use="optional" /> | |
3449 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3450 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3451 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3452 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3453 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3454 | </xs:complexType> | |
3455 | </xs:element> | |
3456 | <xs:element name="protocols" vs:help="configuration/system.web/webServices/protocols"> | |
3457 | <xs:complexType> | |
3458 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3459 | <xs:element name="add" vs:help="configuration/system.web/webServices/protocols/add"> | |
3460 | <xs:complexType> | |
3461 | <xs:attribute name="name" use="optional"> | |
3462 | <xs:simpleType> | |
3463 | <xs:union> | |
3464 | <xs:simpleType> | |
3465 | <xs:restriction base="xs:NMTOKEN"> | |
3466 | <xs:enumeration value="AnyHttpSoap" /> | |
3467 | <xs:enumeration value="Documentation" /> | |
3468 | <xs:enumeration value="HttpGet" /> | |
3469 | <xs:enumeration value="HttpPost" /> | |
3470 | <xs:enumeration value="HttpPostLocalhost" /> | |
3471 | <xs:enumeration value="HttpSoap" /> | |
3472 | <xs:enumeration value="HttpSoap12" /> | |
3473 | <xs:enumeration value="Unknown" /> | |
3474 | </xs:restriction> | |
3475 | </xs:simpleType> | |
3476 | <xs:simpleType> | |
3477 | <xs:restriction base="xs:string" /> | |
3478 | </xs:simpleType> | |
3479 | </xs:union> | |
3480 | </xs:simpleType> | |
3481 | </xs:attribute> | |
3482 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3483 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3484 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3485 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3486 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3487 | </xs:complexType> | |
3488 | </xs:element> | |
3489 | <xs:element name="remove" vs:help="configuration/system.web/webServices/protocols/remove"> | |
3490 | <xs:complexType> | |
3491 | <xs:attribute name="name" use="optional"> | |
3492 | <xs:simpleType> | |
3493 | <xs:union> | |
3494 | <xs:simpleType> | |
3495 | <xs:restriction base="xs:NMTOKEN"> | |
3496 | <xs:enumeration value="AnyHttpSoap" /> | |
3497 | <xs:enumeration value="Documentation" /> | |
3498 | <xs:enumeration value="HttpGet" /> | |
3499 | <xs:enumeration value="HttpPost" /> | |
3500 | <xs:enumeration value="HttpPostLocalhost" /> | |
3501 | <xs:enumeration value="HttpSoap" /> | |
3502 | <xs:enumeration value="HttpSoap12" /> | |
3503 | <xs:enumeration value="Unknown" /> | |
3504 | </xs:restriction> | |
3505 | </xs:simpleType> | |
3506 | <xs:simpleType> | |
3507 | <xs:restriction base="xs:string" /> | |
3508 | </xs:simpleType> | |
3509 | </xs:union> | |
3510 | </xs:simpleType> | |
3511 | </xs:attribute> | |
3512 | </xs:complexType> | |
3513 | </xs:element> | |
3514 | <xs:element name="clear" vs:help="configuration/system.web/webServices/protocols/clear"> | |
3515 | <xs:complexType> | |
3516 | <!--tag is empty--> | |
3517 | </xs:complexType> | |
3518 | </xs:element> | |
3519 | </xs:choice> | |
3520 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3521 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3522 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3523 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3524 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3525 | </xs:complexType> | |
3526 | </xs:element> | |
3527 | <xs:element name="serviceDescriptionFormatExtensionTypes" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes"> | |
3528 | <xs:complexType> | |
3529 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3530 | <xs:element name="add" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes/add"> | |
3531 | <xs:complexType> | |
3532 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3533 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3534 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3535 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3536 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3537 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3538 | </xs:complexType> | |
3539 | </xs:element> | |
3540 | <xs:element name="remove" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes/remove"> | |
3541 | <xs:complexType> | |
3542 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3543 | </xs:complexType> | |
3544 | </xs:element> | |
3545 | <xs:element name="clear" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes/clear"> | |
3546 | <xs:complexType> | |
3547 | <!--tag is empty--> | |
3548 | </xs:complexType> | |
3549 | </xs:element> | |
3550 | </xs:choice> | |
3551 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3552 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3553 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3554 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3555 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3556 | </xs:complexType> | |
3557 | </xs:element> | |
3558 | <xs:element name="soapEnvelopeProcessing" vs:help="configuration/system.web/webServices/soapEnvelopeProcessing"> | |
3559 | <xs:complexType> | |
3560 | <xs:attribute name="strict" type="small_boolean_Type" use="optional" /> | |
3561 | <xs:attribute name="readTimeout" use="optional"> | |
3562 | <xs:simpleType> | |
3563 | <xs:union memberTypes="xs:int Infinite"> | |
3564 | <xs:simpleType> | |
3565 | <xs:restriction base="xs:int" /> | |
3566 | </xs:simpleType> | |
3567 | </xs:union> | |
3568 | </xs:simpleType> | |
3569 | </xs:attribute> | |
3570 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3571 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3572 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3573 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3574 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3575 | </xs:complexType> | |
3576 | </xs:element> | |
3577 | <xs:element name="soapExtensionImporterTypes" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes"> | |
3578 | <xs:complexType> | |
3579 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3580 | <xs:element name="add" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes/add"> | |
3581 | <xs:complexType> | |
3582 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3583 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3584 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3585 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3586 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3587 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3588 | </xs:complexType> | |
3589 | </xs:element> | |
3590 | <xs:element name="remove" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes/remove"> | |
3591 | <xs:complexType> | |
3592 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3593 | </xs:complexType> | |
3594 | </xs:element> | |
3595 | <xs:element name="clear" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes/clear"> | |
3596 | <xs:complexType> | |
3597 | <!--tag is empty--> | |
3598 | </xs:complexType> | |
3599 | </xs:element> | |
3600 | </xs:choice> | |
3601 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3602 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3603 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3604 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3605 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3606 | </xs:complexType> | |
3607 | </xs:element> | |
3608 | <xs:element name="soapExtensionReflectorTypes" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes"> | |
3609 | <xs:complexType> | |
3610 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3611 | <xs:element name="add" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes/add"> | |
3612 | <xs:complexType> | |
3613 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3614 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3615 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3616 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3617 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3618 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3619 | </xs:complexType> | |
3620 | </xs:element> | |
3621 | <xs:element name="remove" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes/remove"> | |
3622 | <xs:complexType> | |
3623 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3624 | </xs:complexType> | |
3625 | </xs:element> | |
3626 | <xs:element name="clear" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes/clear"> | |
3627 | <xs:complexType> | |
3628 | <!--tag is empty--> | |
3629 | </xs:complexType> | |
3630 | </xs:element> | |
3631 | </xs:choice> | |
3632 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3633 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3634 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3635 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3636 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3637 | </xs:complexType> | |
3638 | </xs:element> | |
3639 | <xs:element name="soapExtensionTypes" vs:help="configuration/system.web/webServices/soapExtensionTypes"> | |
3640 | <xs:complexType> | |
3641 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3642 | <xs:element name="add" vs:help="configuration/system.web/webServices/soapExtensionTypes/add"> | |
3643 | <xs:complexType> | |
3644 | <xs:attribute name="group" use="optional"> | |
3645 | <xs:simpleType> | |
3646 | <xs:restriction base="xs:NMTOKEN"> | |
3647 | <xs:enumeration value="High" /> | |
3648 | <xs:enumeration value="Low" /> | |
3649 | </xs:restriction> | |
3650 | </xs:simpleType> | |
3651 | </xs:attribute> | |
3652 | <xs:attribute name="priority" use="optional"> | |
3653 | <xs:simpleType> | |
3654 | <xs:restriction base="xs:int"> | |
3655 | <xs:minInclusive value="0" /> | |
3656 | </xs:restriction> | |
3657 | </xs:simpleType> | |
3658 | </xs:attribute> | |
3659 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3660 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3661 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3662 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3663 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3664 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3665 | </xs:complexType> | |
3666 | </xs:element> | |
3667 | <xs:element name="remove" vs:help="configuration/system.web/webServices/soapExtensionTypes/remove"> | |
3668 | <xs:complexType> | |
3669 | <xs:attribute name="group" use="optional"> | |
3670 | <xs:simpleType> | |
3671 | <xs:restriction base="xs:NMTOKEN"> | |
3672 | <xs:enumeration value="High" /> | |
3673 | <xs:enumeration value="Low" /> | |
3674 | </xs:restriction> | |
3675 | </xs:simpleType> | |
3676 | </xs:attribute> | |
3677 | <xs:attribute name="priority" use="optional"> | |
3678 | <xs:simpleType> | |
3679 | <xs:restriction base="xs:int"> | |
3680 | <xs:minInclusive value="0" /> | |
3681 | </xs:restriction> | |
3682 | </xs:simpleType> | |
3683 | </xs:attribute> | |
3684 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3685 | </xs:complexType> | |
3686 | </xs:element> | |
3687 | <xs:element name="clear" vs:help="configuration/system.web/webServices/soapExtensionTypes/clear"> | |
3688 | <xs:complexType> | |
3689 | <!--tag is empty--> | |
3690 | </xs:complexType> | |
3691 | </xs:element> | |
3692 | </xs:choice> | |
3693 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3694 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3695 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3696 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3697 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3698 | </xs:complexType> | |
3699 | </xs:element> | |
3700 | <xs:element name="soapServerProtocolFactory" vs:help="configuration/system.web/webServices/soapServerProtocolFactory"> | |
3701 | <xs:complexType> | |
3702 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3703 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3704 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3705 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3706 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3707 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3708 | </xs:complexType> | |
3709 | </xs:element> | |
3710 | <xs:element name="soapTransportImporterTypes" vs:help="configuration/system.web/webServices/soapTransportImporterTypes"> | |
3711 | <xs:complexType> | |
3712 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3713 | <xs:element name="add" vs:help="configuration/system.web/webServices/soapTransportImporterTypes/add"> | |
3714 | <xs:complexType> | |
3715 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3716 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3717 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3718 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3719 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3720 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3721 | </xs:complexType> | |
3722 | </xs:element> | |
3723 | <xs:element name="remove" vs:help="configuration/system.web/webServices/soapTransportImporterTypes/remove"> | |
3724 | <xs:complexType> | |
3725 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3726 | </xs:complexType> | |
3727 | </xs:element> | |
3728 | <xs:element name="clear" vs:help="configuration/system.web/webServices/soapTransportImporterTypes/clear"> | |
3729 | <xs:complexType> | |
3730 | <!--tag is empty--> | |
3731 | </xs:complexType> | |
3732 | </xs:element> | |
3733 | </xs:choice> | |
3734 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3735 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3736 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3737 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3738 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3739 | </xs:complexType> | |
3740 | </xs:element> | |
3741 | <xs:element name="wsdlHelpGenerator" vs:help="configuration/system.web/webServices/wsdlHelpGenerator"> | |
3742 | <xs:complexType> | |
3743 | <xs:attribute name="href" type="xs:string" use="required" /> | |
3744 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3745 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3746 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3747 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3748 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3749 | </xs:complexType> | |
3750 | </xs:element> | |
3751 | </xs:choice> | |
3752 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3753 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3754 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3755 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3756 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3757 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3758 | </xs:complexType> | |
3759 | </xs:element> | |
3760 | <xs:element name="xhtmlConformance" vs:help="configuration/system.web/xhtmlConformance"> | |
3761 | <xs:complexType> | |
3762 | <xs:attribute name="mode" use="optional"> | |
3763 | <xs:simpleType> | |
3764 | <xs:restriction base="xs:NMTOKEN"> | |
3765 | <xs:enumeration value="Legacy" /> | |
3766 | <xs:enumeration value="Strict" /> | |
3767 | <xs:enumeration value="Transitional" /> | |
3768 | </xs:restriction> | |
3769 | </xs:simpleType> | |
3770 | </xs:attribute> | |
3771 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3772 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3773 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3774 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3775 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3776 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3777 | </xs:complexType> | |
3778 | </xs:element> | |
3779 | <xs:element name="caching" vs:help="configuration/system.web/caching"> | |
3780 | <xs:complexType> | |
3781 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3782 | <xs:element name="cache" vs:help="configuration/system.web/caching/cache"> | |
3783 | <xs:complexType> | |
3784 | <xs:attribute name="disableExpiration" type="small_boolean_Type" use="optional" /> | |
3785 | <xs:attribute name="disableMemoryCollection" type="small_boolean_Type" use="optional" /> | |
3786 | <xs:attribute name="percentagePhysicalMemoryUsedLimit" use="optional"> | |
3787 | <xs:simpleType> | |
3788 | <xs:restriction base="xs:int"> | |
3789 | <xs:minInclusive value="0" /> | |
3790 | </xs:restriction> | |
3791 | </xs:simpleType> | |
3792 | </xs:attribute> | |
3793 | <xs:attribute name="privateBytesLimit" type="xs:int" use="optional" /> | |
3794 | <xs:attribute name="privateBytesPollTime" type="xs:string" use="optional" /> | |
3795 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3796 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3797 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3798 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3799 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3800 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3801 | </xs:complexType> | |
3802 | </xs:element> | |
3803 | <xs:element name="outputCache" vs:help="configuration/system.web/caching/outputCache"> | |
3804 | <xs:complexType> | |
3805 | <xs:attribute name="enableFragmentCache" type="small_boolean_Type" use="optional" /> | |
3806 | <xs:attribute name="enableOutputCache" type="small_boolean_Type" use="optional" /> | |
3807 | <xs:attribute name="omitVaryStar" type="small_boolean_Type" use="optional" /> | |
3808 | <xs:attribute name="sendCacheControlHeader" type="small_boolean_Type" use="optional" /> | |
3809 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3810 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3811 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3812 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3813 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3814 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3815 | </xs:complexType> | |
3816 | </xs:element> | |
3817 | <xs:element name="outputCacheSettings" vs:help="configuration/system.web/caching/outputCacheSettings"> | |
3818 | <xs:complexType> | |
3819 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3820 | <xs:element name="outputCacheProfiles" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles"> | |
3821 | <xs:complexType> | |
3822 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3823 | <xs:element name="add" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles/add"> | |
3824 | <xs:complexType> | |
3825 | <xs:attribute name="duration" type="xs:int" use="optional" /> | |
3826 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
3827 | <xs:attribute name="location" use="optional"> | |
3828 | <xs:simpleType> | |
3829 | <xs:restriction base="xs:NMTOKEN"> | |
3830 | <xs:enumeration value="Any" /> | |
3831 | <xs:enumeration value="Client" /> | |
3832 | <xs:enumeration value="Downstream" /> | |
3833 | <xs:enumeration value="None" /> | |
3834 | <xs:enumeration value="Server" /> | |
3835 | <xs:enumeration value="ServerAndClient" /> | |
3836 | </xs:restriction> | |
3837 | </xs:simpleType> | |
3838 | </xs:attribute> | |
3839 | <xs:attribute name="name" use="required"> | |
3840 | <xs:simpleType> | |
3841 | <xs:restriction base="xs:string"> | |
3842 | <xs:minLength value="1" /> | |
3843 | <xs:whiteSpace value="collapse" /> | |
3844 | </xs:restriction> | |
3845 | </xs:simpleType> | |
3846 | </xs:attribute> | |
3847 | <xs:attribute name="noStore" type="small_boolean_Type" use="optional" /> | |
3848 | <xs:attribute name="sqlDependency" type="xs:string" use="optional" /> | |
3849 | <xs:attribute name="varyByControl" type="xs:string" use="optional" /> | |
3850 | <xs:attribute name="varyByCustom" type="xs:string" use="optional" /> | |
3851 | <xs:attribute name="varyByHeader" type="xs:string" use="optional" /> | |
3852 | <xs:attribute name="varyByParam" type="xs:string" use="optional" /> | |
3853 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3854 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3855 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3856 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3857 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3858 | </xs:complexType> | |
3859 | </xs:element> | |
3860 | <xs:element name="remove" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles/remove"> | |
3861 | <xs:complexType> | |
3862 | <xs:attribute name="name" use="required"> | |
3863 | <xs:simpleType> | |
3864 | <xs:restriction base="xs:string"> | |
3865 | <xs:minLength value="1" /> | |
3866 | <xs:whiteSpace value="collapse" /> | |
3867 | </xs:restriction> | |
3868 | </xs:simpleType> | |
3869 | </xs:attribute> | |
3870 | </xs:complexType> | |
3871 | </xs:element> | |
3872 | <xs:element name="clear" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles/clear"> | |
3873 | <xs:complexType> | |
3874 | <!--tag is empty--> | |
3875 | </xs:complexType> | |
3876 | </xs:element> | |
3877 | </xs:choice> | |
3878 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3879 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3880 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3881 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3882 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3883 | </xs:complexType> | |
3884 | </xs:element> | |
3885 | </xs:choice> | |
3886 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3887 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3888 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3889 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3890 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3891 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3892 | </xs:complexType> | |
3893 | </xs:element> | |
3894 | <xs:element name="sqlCacheDependency" vs:help="configuration/system.web/caching/sqlCacheDependency"> | |
3895 | <xs:complexType> | |
3896 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3897 | <xs:element name="databases" vs:help="configuration/system.web/caching/sqlCacheDependency/databases"> | |
3898 | <xs:complexType> | |
3899 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3900 | <xs:element name="add" vs:help="configuration/system.web/caching/sqlCacheDependency/databases/add"> | |
3901 | <xs:complexType> | |
3902 | <xs:attribute name="connectionStringName" use="required"> | |
3903 | <xs:simpleType> | |
3904 | <xs:restriction base="xs:string"> | |
3905 | <xs:minLength value="1" /> | |
3906 | </xs:restriction> | |
3907 | </xs:simpleType> | |
3908 | </xs:attribute> | |
3909 | <xs:attribute name="name" use="required"> | |
3910 | <xs:simpleType> | |
3911 | <xs:restriction base="xs:string"> | |
3912 | <xs:minLength value="1" /> | |
3913 | </xs:restriction> | |
3914 | </xs:simpleType> | |
3915 | </xs:attribute> | |
3916 | <xs:attribute name="pollTime" type="xs:int" use="optional" /> | |
3917 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3918 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3919 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3920 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3921 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3922 | </xs:complexType> | |
3923 | </xs:element> | |
3924 | <xs:element name="remove" vs:help="configuration/system.web/caching/sqlCacheDependency/databases/remove"> | |
3925 | <xs:complexType> | |
3926 | <xs:attribute name="name" use="required"> | |
3927 | <xs:simpleType> | |
3928 | <xs:restriction base="xs:string"> | |
3929 | <xs:minLength value="1" /> | |
3930 | </xs:restriction> | |
3931 | </xs:simpleType> | |
3932 | </xs:attribute> | |
3933 | </xs:complexType> | |
3934 | </xs:element> | |
3935 | <xs:element name="clear" vs:help="configuration/system.web/caching/sqlCacheDependency/databases/clear"> | |
3936 | <xs:complexType> | |
3937 | <!--tag is empty--> | |
3938 | </xs:complexType> | |
3939 | </xs:element> | |
3940 | </xs:choice> | |
3941 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3942 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3943 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3944 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3945 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3946 | </xs:complexType> | |
3947 | </xs:element> | |
3948 | </xs:choice> | |
3949 | <xs:attribute name="enabled" type="small_boolean_Type" use="optional" /> | |
3950 | <xs:attribute name="pollTime" type="xs:int" use="optional" /> | |
3951 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3952 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3953 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3954 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3955 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3956 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3957 | </xs:complexType> | |
3958 | </xs:element> | |
3959 | </xs:choice> | |
3960 | </xs:complexType> | |
3961 | </xs:element> | |
3962 | </xs:choice> | |
3963 | </xs:complexType> | |
3964 | </xs:element> | |
3965 | <xs:element name="system.xml.serialization" vs:help="configuration/system.xml.serialization"> | |
3966 | <xs:complexType> | |
3967 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3968 | <xs:element name="dateTimeSerialization" vs:help="configuration/system.xml.serialization/dateTimeSerialization"> | |
3969 | <xs:complexType> | |
3970 | <xs:attribute name="mode" use="optional"> | |
3971 | <xs:simpleType> | |
3972 | <xs:restriction base="xs:NMTOKEN"> | |
3973 | <xs:enumeration value="Default" /> | |
3974 | <xs:enumeration value="Local" /> | |
3975 | <xs:enumeration value="Roundtrip" /> | |
3976 | </xs:restriction> | |
3977 | </xs:simpleType> | |
3978 | </xs:attribute> | |
3979 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3980 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3981 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3982 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3983 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3984 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
3985 | </xs:complexType> | |
3986 | </xs:element> | |
3987 | <xs:element name="schemaImporterExtensions" vs:help="configuration/system.xml.serialization/schemaImporterExtensions"> | |
3988 | <xs:complexType> | |
3989 | <xs:choice minOccurs="0" maxOccurs="unbounded"> | |
3990 | <xs:element name="add" vs:help="configuration/system.xml.serialization/schemaImporterExtensions/add"> | |
3991 | <xs:complexType> | |
3992 | <xs:attribute name="name" type="xs:string" use="required" /> | |
3993 | <xs:attribute name="type" type="xs:string" use="optional" /> | |
3994 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
3995 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
3996 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
3997 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
3998 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
3999 | </xs:complexType> | |
4000 | </xs:element> | |
4001 | <xs:element name="remove" vs:help="configuration/system.xml.serialization/schemaImporterExtensions/remove"> | |
4002 | <xs:complexType> | |
4003 | <xs:attribute name="name" type="xs:string" use="required" /> | |
4004 | </xs:complexType> | |
4005 | </xs:element> | |
4006 | <xs:element name="clear" vs:help="configuration/system.xml.serialization/schemaImporterExtensions/clear"> | |
4007 | <xs:complexType> | |
4008 | <!--tag is empty--> | |
4009 | </xs:complexType> | |
4010 | </xs:element> | |
4011 | </xs:choice> | |
4012 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
4013 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
4014 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
4015 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
4016 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
4017 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
4018 | </xs:complexType> | |
4019 | </xs:element> | |
4020 | <xs:element name="xmlSerializer" vs:help="configuration/system.xml.serialization/xmlSerializer"> | |
4021 | <xs:complexType> | |
4022 | <xs:attribute name="checkDeserializeAdvances" type="small_boolean_Type" use="optional" /> | |
4023 | <xs:attribute name="lockAttributes" type="xs:string" use="optional" /> | |
4024 | <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" /> | |
4025 | <xs:attribute name="lockElements" type="xs:string" use="optional" /> | |
4026 | <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" /> | |
4027 | <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" /> | |
4028 | <xs:attribute name="configSource" type="xs:string" use="optional" /> | |
4029 | </xs:complexType> | |
4030 | </xs:element> | |
4031 | </xs:choice> | |
4032 | </xs:complexType> | |
4033 | </xs:element> | |
4034 | </xs:schema>⏎ |
0 | ''' | |
1 | Faraday Penetration Test IDE | |
2 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
3 | See the file 'doc/LICENSE' for the license information | |
4 | ||
5 | ''' | |
6 | ||
7 | # I'm Py3⏎ |
0 | ''' | |
1 | Faraday Penetration Test IDE | |
2 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
3 | See the file 'doc/LICENSE' for the license information | |
4 | ||
5 | ''' | |
6 | ||
7 | #!/usr/bin/env python | |
8 | # -*- coding: utf-8 -*- | |
9 | import re | |
10 | from lxml import etree as ET | |
11 | ||
12 | VRAI = ['yes','on','1'] | |
13 | FAUX = ['no','off','0'] | |
14 | ||
15 | def equals(value1,value2): | |
16 | if (value1.lower() in VRAI and value2.lower() in VRAI) or (value1.lower() in FAUX and value2.lower() in FAUX): | |
17 | return True | |
18 | else: | |
19 | return False | |
20 | ||
21 | #Good practices | |
22 | rules = { | |
23 | 'session.use_cookies':['Cookies for sessions are disabled','1'], | |
24 | 'session.use_only_cookies':['Only cookies for sessions is disabled','1'], | |
25 | 'session.cookie_httponly':['Cookies are not set to HTTP only','1'], | |
26 | 'session.bug_compat_42':['Bug compatibility 42 is enabled','0'], | |
27 | 'session.bug_compat_warn':['Bug compatibility 42 warning is enabled','0'], | |
28 | 'session.use_trans_sid':['Use of \'use_trans_sid\' is considered harmful','0'], | |
29 | 'session.cookie_secure':['Cookie is not set to secure connection','1'], | |
30 | 'session.use_strict_mode':['Strict mode is disabled for session fixation prevention','1'], | |
31 | 'session.cookie_domain':['Cookie domain is not set',''], | |
32 | 'session.hash_function':['Weak session id generation: a stronger hash function such as SHA256 should be used',''], | |
33 | 'allow_url_fopen':['Remote file opening is allowed','off'], | |
34 | 'allow_url_include':['Remote file including is allowed','off'], | |
35 | 'error_reporting':['Errors reports are enabled in production','0'], | |
36 | 'display_errors':['Errors should not be shown in production','off'], | |
37 | 'log_errors':['Log errors are not written in production','on'], | |
38 | 'expose_php':['PHP signature should disabled','off'], | |
39 | 'register_globals':['Register globals is enabled','off'], | |
40 | 'magic_quotes_gpc':['Magic quotes is enabled','off'], | |
41 | 'magic_quotes_runtime':['Magic quotes is enabled at runtime','off'], | |
42 | 'safe_mode':['Safe mode is enabled','off'], | |
43 | 'register_long_arrays':['Register long arrays is enabled','off'], | |
44 | 'display_startup_errors':['Startup errors is displayed','off'], | |
45 | 'max_input_vars':['Maximum input variables is not set',''], | |
46 | 'open_basedir':['You should restrict PHP\'s file system access (basedir)',''], | |
47 | 'memory_limit':['You should define a reasonable memory limit (<128 M)',''], | |
48 | 'post_max_size':['You should define a reasonable max post size ',''], | |
49 | 'upload_max_filesize':['You should define a reasonable max upload size',''], | |
50 | 'upload_tmp_dir':['You should define a temporary directory used for file uploads',''], | |
51 | 'asp_tags':['ASP tag handling is not turned off','0'], | |
52 | 'xdebug.default_enable':['Xdebug is enabled','0'], | |
53 | 'xdebug.remote_enable':['Xdebug should not be trying to contact debug clients','0'], | |
54 | } | |
55 | ||
56 | #Lines of config whose default values are bad | |
57 | bad_default_config = ['session.cookie_httponly','session.bug_compat_42', | |
58 | 'session.bug_compat_warn','allow_url_fopen', | |
59 | 'error_reporting','display_errors','log_errors', | |
60 | 'expose_php','magic_quotes_gpc','register_long_arrays'] | |
61 | ||
62 | #Lines of config that is not set (value by the user) | |
63 | is_set_config = ['max_input_vars','open_basedir', 'memory_limit','post_max_size', | |
64 | 'upload_max_filesize','upload_tmp_dir'] | |
65 | ||
66 | #Weak hashing functions | |
67 | weak_functions = ['md2', 'md4', 'md5', 'sha1', 'gost', 'snefru', '0', '1'] | |
68 | ||
69 | #To-be-disabled functions | |
70 | weak_php_functions = ['passthru', 'shell_exec', 'exec', | |
71 | 'system', 'popen', 'stream_select'] | |
72 | ||
73 | ||
74 | class PhpIniScan: | |
75 | ||
76 | def __init__(self, file, xml): | |
77 | self.config = "" | |
78 | for line in open(file,"r"): | |
79 | if not re.match(r'(^(;|\[))',line,) and line[0] != '\n': | |
80 | self.config += line.lstrip() | |
81 | self.recommended = "\nRecommended configuration changes in php.ini:\n" | |
82 | self.xml = xml | |
83 | ||
84 | def xml_export(self,directive,rec): | |
85 | if self.xml is not None: | |
86 | newElement = ET.SubElement(self.xml, directive[0]) | |
87 | newElement.attrib['rec'] = rec | |
88 | newElement.text = directive[1] | |
89 | ||
90 | def global_check(self): | |
91 | print("[+]\033[0;41mVulnerabilites/Informations\033[0m:") | |
92 | for line in self.config.split('\n'): | |
93 | directive = ''.join(line.split()).split('=') | |
94 | ||
95 | if ( rules.has_key(directive[0]) and not equals(rules[directive[0]][1],directive[1])) or directive[0] in bad_default_config: | |
96 | print(" \033[1;30m({})\033[0m {}".format(directive[0],rules[directive[0]][0])) | |
97 | self.recommended += " {} = {}\n".format(directive[0],rules[directive[0]][1]) | |
98 | self.xml_export(directive,rules[directive[0]][0]) | |
99 | continue | |
100 | ||
101 | if rules.has_key(directive[0]) and directive[1] == "": | |
102 | print(" \033[1;30m({})\033[0m {}".format(directive[0],rules[directive[0]][0])) | |
103 | self.recommended += " {} = {}\n".format(directive[0],rules[directive[0]][1]) | |
104 | self.xml_export(directive,rules[directive[0]][0]) | |
105 | continue | |
106 | ||
107 | if directive[0] == "session.hash_function" and directive[1] in weak_functions: | |
108 | print(" \033[1;30m({})\033[0m {}".format(directive[0],rules[directive[0]][0])) | |
109 | self.recommended += " {} = sha256\n".format(directive[0]) | |
110 | self.xml_export(directive,rules[directive[0]][0]) | |
111 | continue | |
112 | ||
113 | if directive[0] == "disable_functions": | |
114 | for option in weak_php_functions: | |
115 | if not option in directive[1]: | |
116 | print(" \033[1;30m(disable_functions)\033[0m {} not listed".format(option)) | |
117 | self.recommended += " disable_functions = ... , {} , ...\n".format(option) | |
118 | self.xml_export(directive,"") | |
119 | continue | |
120 | ||
121 | for element in is_set_config: | |
122 | if not element in self.config: | |
123 | print(" \033[1;30m({})\033[0m {}".format(element,rules[element][0])) | |
124 | self.recommended += " {} is not set\n".format(element) | |
125 | directive = [element,'isNotSet'] | |
126 | self.xml_export(directive,rules[directive[0]][0]) | |
127 | ||
128 | for element in bad_default_config: | |
129 | if not element in self.config: | |
130 | print(" \033[1;30m({})\033[0m {}".format(element,rules[element][0])) | |
131 | self.recommended += " {} = {}\n".format(element,rules[element][1]) | |
132 | directive = [element,'defaultValue'] | |
133 | self.xml_export(directive,rules[directive[0]][0]) | |
134 | ||
135 | # TODO Session save path not set or world writeable || CheckSessionPath | |
136 | # TODO Entropy file is not defined || CheckSessionEntropyPath | |
137 | # TODO Maximum post size too large || MaximumPostSize | |
138 | # TODO Disable harmful CLI functions || DisableCliFunctions | |
139 | # TODO CVE-2013-1635 || CheckSoapWsdlCacheDir | |
140 | # TODO Ensure file uploads workCheck || UploadTmpDir | |
141 | # TODO check the sizes (in M) f some parameters) | |
142 | ||
143 | def scanner(file,recmode,xml): | |
144 | filetoscan = PhpIniScan(file,xml) | |
145 | filetoscan.global_check() | |
146 | if recmode: | |
147 | print(filetoscan.recommended) | |
148 | # I'm Py3⏎ |
0 | #!/usr/bin/env python | |
1 | # -*- coding: utf-8 -*- | |
2 | ||
3 | ''' | |
4 | Faraday Penetration Test IDE | |
5 | Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/) | |
6 | See the file 'doc/LICENSE' for the license information | |
7 | ||
8 | ''' | |
9 | ||
10 | from lxml import etree as ET | |
11 | ||
12 | rules = { | |
13 | 'compilation':{'debug':['ASP.NET Debugging enabled', | |
14 | 'false']}, | |
15 | 'customErrors':{'mode':['Custom Errors disabled', | |
16 | 'on remoteonly']}, | |
17 | 'forms':{'cookieless':['Cookieless authentication Enabled for form', | |
18 | 'usecookies'], | |
19 | 'requireSSL':['SSL connection is not required', | |
20 | 'true'], | |
21 | 'slidingExpiration':['Sliding expiration enabled', | |
22 | 'false'], | |
23 | 'enableCrossAppRedirects':['URL Redirection enabled', | |
24 | 'false'], | |
25 | 'protection':['The cookies are only encrypted or only validated or not protected', | |
26 | 'all']}, | |
27 | 'httpCookies':{'httpOnlyCookies':['Web cookies are not HttpOnly', | |
28 | 'true'], | |
29 | 'requireSSL':['Web cookies don\'t require SSL', | |
30 | 'true']}, | |
31 | 'pages':{'enableViewState':['ViewState is enabled (CRSF vulnerability)', | |
32 | 'true'], | |
33 | 'enableViewStateMac':['ViewState integrity is not checked', | |
34 | 'true'], | |
35 | 'viewStateEncryptionMode':['ViewState may not be encrypted', | |
36 | 'always'], | |
37 | 'validateRequest':['Page Validation is not used (XSS vulnerability)', | |
38 | 'true']}, | |
39 | 'roleManager':{'cookieRequireSSL':['Cookies don\'t Require SSL', | |
40 | 'true'], | |
41 | 'cookieSlidingExpiration':['Sliding expiration enabled', | |
42 | 'false'], | |
43 | 'cookieProtection':['The cookies are only encrypted or only validated or not protected', | |
44 | 'all'], | |
45 | 'cookiePath':['Liberal path defined','']}, | |
46 | 'sessionState':{'cookieless':['Cookieless session stated enabled', | |
47 | 'usecookies']}, | |
48 | 'trace':{'enabled':['Trace is enabled', | |
49 | 'false'], | |
50 | 'localOnly':['Trace localOnly on false', | |
51 | 'true']}, | |
52 | 'trust':{'level':['Web application\'s trust level is higher than Minimal', | |
53 | 'minimal']}, | |
54 | 'user':{'':['Passwords (or its hashes) are hardcoded','']} | |
55 | } | |
56 | ||
57 | class WebConfigScan: | |
58 | ||
59 | def __init__(self, file, xml): | |
60 | tree = ET.parse(file) | |
61 | self.root = tree.getroot() | |
62 | self.recommended = "\nRecommended configuration changes in web.config:\n" | |
63 | self.xml = xml | |
64 | ||
65 | def xml_export(self,directive,rec): | |
66 | if self.xml is not None: | |
67 | newElement = ET.SubElement(self.xml, directive[0]) | |
68 | if len(directive) == 4: | |
69 | newElement.attrib['name'] = directive[3] | |
70 | newElement.attrib['option'] = directive[1] | |
71 | newElement.attrib['rec'] = rec | |
72 | newElement.text = directive[2] | |
73 | ||
74 | ||
75 | def global_check(self): | |
76 | print("[+]\033[0;41mVulnerabilites/Informations\033[0m:") | |
77 | countforms = 0 | |
78 | nameforms = [] | |
79 | for element in rules: | |
80 | for tag in self.root.findall(".//"+element): | |
81 | if element == "forms": | |
82 | countforms += 1 | |
83 | nameforms.append(tag.attrib['name']) | |
84 | if element == "user": | |
85 | print(" \033[1;30m{}\033[0m {}: {} \033[1;30m({})\033[0m".format(element, | |
86 | tag.attrib['name'], | |
87 | rules[element][''][0], | |
88 | option)) | |
89 | self.recommended += " Not to store passwords or hashes in web.config\n" | |
90 | self.xml_export(directive=[element, tag.attrib['name'],'hardcoded'], | |
91 | rec=rules[element][''][0]) | |
92 | continue | |
93 | ||
94 | for option in tag.attrib: | |
95 | if element == "customErrors" and rules[element].has_key(option) and not tag.attrib[option].lower() in rules[element][option][1]: | |
96 | print(" \033[1;30m{}\033[0m: {} \033[1;30m({})\033[0m".format(element, | |
97 | rules[element][option][0], | |
98 | option)) | |
99 | self.recommended += " <{} {}=\"{}\"/>\n".format(element,option,rules[element][option][1]) | |
100 | self.xml_export(directive=[element,option,'disabled'], | |
101 | rec=rules[element][option][0]) | |
102 | continue | |
103 | ||
104 | elif element == "roleManager" and option == "cookiePath": | |
105 | print(" \033[1;30mroleManager\033[0m: Liberal path defined ('{}') (\033[1;30mcookiePath\033[0m)".format(tag.attrib[option].lower())) | |
106 | self.recommended += " <roleManager cookiePath=\"{abcd1234…}\">\n" | |
107 | self.xml_export(directive=[element,option,'liberal'], | |
108 | rec=rules[element][option][0]) | |
109 | continue | |
110 | ||
111 | if rules[element].has_key(option) and tag.attrib[option].lower() != rules[element][option][1]: | |
112 | if element == "forms": | |
113 | print(" \033[1;30m{}\033[0m {}: {} \033[1;30m({})\033[0m".format(element, | |
114 | tag.attrib['name'], | |
115 | rules[element][option][0], | |
116 | option)) | |
117 | self.xml_export(directive=[element,option,tag.attrib[option],tag.attrib['name']], | |
118 | rec=rules[element][option][0]) | |
119 | ||
120 | else: | |
121 | print(" \033[1;30m{}\033[0m: {} \033[1;30m({})\033[0m".format(element, | |
122 | rules[element][option][0], | |
123 | option)) | |
124 | ||
125 | self.xml_export(directive=[element,option,tag.attrib[option]], | |
126 | rec=rules[element][option][0]) | |
127 | self.recommended += " <{} {}=\"{}\"/>\n".format(element,option,rules[element][option][1]) | |
128 | continue | |
129 | ||
130 | if countforms > 1 and (nameforms.index('.ASPXAUTH') != "-1" or nameforms.index('ASPXAUTH') != "-1"): | |
131 | print(" \033[1;30mforms\033[0m: Non-Unique authentication cookie used\033[1;30m (name)\033[0m") | |
132 | self.recommended += " <forms name=\"{abcd1234…}\">\n" | |
133 | self.xml_export(directive=['nameforms','name','false'], | |
134 | rec="Non-Unique authentication cookie used") | |
135 | ||
136 | def scanner(file,recmode,xml): | |
137 | filetoscan = WebConfigScan(file,xml) | |
138 | filetoscan.global_check() | |
139 | if recmode: | |
140 | print(filetoscan.recommended) | |
141 | ||
142 | # I'm Py3⏎ |
456 | 456 | ) |
457 | 457 | assert res.status_code == 400 |
458 | 458 | |
459 | def test_run_agent_invalid_executor_argument(self, session, test_client): | |
460 | agent = AgentFactory.create(workspaces=[self.workspace]) | |
461 | executor = ExecutorFactory.create(agent=agent) | |
462 | ||
463 | session.add(executor) | |
464 | session.commit() | |
465 | ||
466 | payload = { | |
467 | 'executorData': { | |
468 | "args": { | |
469 | "another_param_name": 'param_content' | |
470 | }, | |
471 | "executor": executor.name | |
472 | } | |
473 | } | |
474 | ||
475 | res = test_client.post( | |
476 | urljoin(self.url(agent), 'run'), | |
477 | json=payload | |
478 | ) | |
479 | ||
480 | assert res.status_code == 400 | |
481 | ||
459 | 482 | def test_invalid_body(self, test_client, session): |
460 | 483 | agent = AgentFactory.create(workspaces=[self.workspace]) |
461 | 484 | session.add(agent) |
13 | 13 | Vulnerability, |
14 | 14 | VulnerabilityGeneric, |
15 | 15 | VulnerabilityWeb, |
16 | Workspace | |
17 | ) | |
16 | Workspace) | |
17 | ||
18 | 18 | from faraday.server.api.modules import bulk_create as bc |
19 | 19 | from tests.factories import CustomFieldsSchemaFactory |
20 | 20 | from faraday.server.threads.reports_processor import REPORTS_QUEUE |
40 | 40 | 'accountability': True, |
41 | 41 | 'availability': False, |
42 | 42 | }, |
43 | 'refs': ['CVE-1234'], | |
43 | 'refs': ['CVE-2021-1234', 'CVE-2020-0004'], | |
44 | 'cve': ['CVE-2021-1234', 'CVE-2020-0001'], | |
44 | 45 | 'tool': 'some_tool', |
45 | 46 | 'data': 'test data', |
46 | 47 | 'custom_fields': {} |
182 | 183 | assert vuln.impact_accountability |
183 | 184 | assert not vuln.impact_availability |
184 | 185 | assert not vuln.impact_confidentiality |
185 | assert vuln.references == {u'CVE-1234'} | |
186 | assert set(vuln.references) == set(vuln_data['refs']) | |
187 | assert set(vuln.cve) == set(vuln_data['cve'] + vuln_data['refs']) | |
188 | assert len(vuln.cve) == len(set(vuln_data['cve'] + vuln_data['refs'])) | |
186 | 189 | assert vuln.tool == "some_tool" |
187 | 190 | |
188 | 191 | |
199 | 202 | assert vuln.impact_accountability |
200 | 203 | assert not vuln.impact_availability |
201 | 204 | assert not vuln.impact_confidentiality |
202 | assert vuln.references == {u'CVE-1234'} | |
205 | assert set(vuln.references) == set(vuln_data['refs']) | |
206 | assert set(vuln.cve) == set(vuln_data['cve'] + vuln_data['refs']) | |
207 | assert len(vuln.cve) == len(set(vuln_data['cve'] + vuln_data['refs'])) | |
203 | 208 | assert vuln.tool == "some_tool" |
204 | 209 | |
205 | 210 | |
210 | 215 | bc._create_hostvuln(host.workspace, host, data) |
211 | 216 | vuln = host.workspace.vulnerabilities[0] |
212 | 217 | assert vuln.tool == "Web UI" |
218 | ||
219 | ||
220 | def test_create_not_fail_with_cve(session, host): | |
221 | with_erroneous_cve_list = vuln_data.copy() | |
222 | with_erroneous_cve_list['cve'] = ['CVSS: 10.0', 'OSVDB:339, OSVDB:8750, OSVDB:11516', 'CVE-1999-0170, CVE-1999-0211, CVE-1999-0554', 'cve-1111-9988'] | |
223 | data = bc.VulnerabilitySchema().load(with_erroneous_cve_list) | |
224 | bc._create_hostvuln(host.workspace, host, data) | |
225 | vuln = host.workspace.vulnerabilities[0] | |
226 | assert set(vuln.cve) == set(['CVE-1999-0170', 'CVE-1999-0211', 'CVE-1999-0554', 'CVE-1111-9988'] + vuln_data['refs']) | |
213 | 227 | |
214 | 228 | |
215 | 229 | def test_creates_vuln_with_command_object_with_tool(session, service): |
12 | 12 | |
13 | 13 | @pytest.mark.usefixtures('logged_user') |
14 | 14 | class TestSessionLogged: |
15 | def test_session_when_user_is_logged(self, test_client): | |
15 | def test_session_when_user_is_logged(self, test_client, user): | |
16 | 16 | res = test_client.get('/session') |
17 | 17 | assert res.status_code == 200 |
18 | assert user.id == res.json['user_id'] | |
18 | 19 | |
19 | 20 | @pytest.mark.parametrize('role', ['admin', 'pentester', 'client', 'asset_owner']) |
20 | 21 | def test_session_when_user_is_logged_with_different_roles(self, test_client, session, user, role): |
112 | 112 | use_json_data=False |
113 | 113 | ) |
114 | 114 | |
115 | assert res.status_code == 404 | |
115 | assert res.status_code == 403 |
49 | 49 | CommandObject, |
50 | 50 | File, |
51 | 51 | Host, |
52 | Service | |
53 | ) | |
52 | Service, | |
53 | CVE) | |
54 | 54 | from tests.factories import ( |
55 | 55 | ServiceFactory, |
56 | 56 | CommandFactory, |
70 | 70 | |
71 | 71 | def _create_post_data_vulnerability(name, vuln_type, parent_id, |
72 | 72 | parent_type, refs, policyviolations, |
73 | status='opened', | |
73 | status='opened', cve=[], | |
74 | 74 | attachments=None, impact=None, |
75 | 75 | description='desc1234', |
76 | 76 | confirmed=True, data='data1234', |
109 | 109 | 'owned': owned, |
110 | 110 | 'policyviolations': policyviolations, |
111 | 111 | 'refs': refs, |
112 | 'cve': cve, | |
112 | 113 | 'resolution': resolution, |
113 | 114 | 'severity': severity, |
114 | 115 | 'status': status, |
1132 | 1133 | assert vuln_count_previous + 1 == session.query(Vulnerability).count() |
1133 | 1134 | [fileobj.close() for fileobj in attachments] |
1134 | 1135 | |
1135 | def test_create_vuln_with_refs(self, host_with_hostnames, test_client, session): | |
1136 | @pytest.mark.parametrize('cve_list', [ | |
1137 | { | |
1138 | 'refs': {'data': [], 'count': 0}, | |
1139 | 'cve': {'data': ['cve-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2} | |
1140 | }, | |
1141 | { | |
1142 | 'refs': {'data': ['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2}, | |
1143 | 'cve': {'data': [], 'count': 2} | |
1144 | }, | |
1145 | { | |
1146 | 'refs': {'data': ['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2}, | |
1147 | 'cve': {'data': ['cve-2017-0003', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 3} | |
1148 | }, | |
1149 | { | |
1150 | # asdf-2017-0002 is a valid format for refs but not for cve. Check CVE_PATTERN in CVE model for more info. | |
1151 | 'refs': {'data': ['asdf-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2}, | |
1152 | 'cve': {'data': ['asdf-2017-0003', 'CVE-2017-0012', 'CVE-2017-0013'], 'count': 2} | |
1153 | }, | |
1154 | { | |
1155 | # List of cve as a string. | |
1156 | 'refs': {'data': ['asdf-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2}, | |
1157 | 'cve': {'data': ['CVE-2017-0003, CVE-2017-0012', 'CVE-2017-0013'], 'count': 3} | |
1158 | }, | |
1159 | ]) | |
1160 | def test_create_vuln_with_cve(self, cve_list, host_with_hostnames, test_client, session): | |
1136 | 1161 | session.commit() # flush host_with_hostnames |
1137 | 1162 | raw_data = _create_post_data_vulnerability( |
1138 | 1163 | name='New vulns', |
1139 | 1164 | vuln_type='Vulnerability', |
1140 | 1165 | parent_id=host_with_hostnames.id, |
1141 | 1166 | parent_type='Host', |
1142 | refs=['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], | |
1167 | refs=cve_list['refs']['data'], | |
1168 | cve=cve_list['cve']['data'], | |
1143 | 1169 | policyviolations=[] |
1144 | 1170 | ) |
1145 | 1171 | ws = host_with_hostnames.workspace |
1146 | 1172 | vuln_count_previous = session.query(Vulnerability).count() |
1147 | 1173 | res = test_client.post(self.url(workspace=ws), data=raw_data) |
1148 | 1174 | assert res.status_code == 201 |
1149 | assert session.query(Reference).count() == 2 | |
1175 | assert session.query(Reference).count() == cve_list['refs']['count'] | |
1176 | assert session.query(CVE).count() == cve_list['cve']['count'] | |
1150 | 1177 | assert vuln_count_previous + 1 == session.query(Vulnerability).count() |
1178 | ||
1179 | def test_patch_vuln_with_cve_list(self, host_with_hostnames, test_client, session): | |
1180 | session.commit() # flush host_with_hostnames | |
1181 | raw_data = _create_post_data_vulnerability( | |
1182 | name='New vulns', | |
1183 | vuln_type='Vulnerability', | |
1184 | parent_id=host_with_hostnames.id, | |
1185 | parent_type='Host', | |
1186 | refs=[], | |
1187 | cve=['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], | |
1188 | policyviolations=[] | |
1189 | ) | |
1190 | ws = host_with_hostnames.workspace | |
1191 | res = test_client.post(self.url(workspace=ws), data=raw_data) | |
1192 | assert res.status_code == 201 | |
1193 | ||
1194 | new_cve_list = ['CVE-2017-0001'] | |
1195 | res = test_client.patch(f'{self.url(res.json["_id"], workspace=ws)}', data={'cve': new_cve_list}) | |
1196 | assert res.status_code == 200 | |
1197 | assert set(res.json['cve']) == set(new_cve_list) | |
1198 | ||
1199 | def test_create_vuln_and_get_cve_list(self, host_with_hostnames, test_client, session): | |
1200 | session.commit() # flush host_with_hostnames | |
1201 | raw_data = _create_post_data_vulnerability( | |
1202 | name='New vulns', | |
1203 | vuln_type='Vulnerability', | |
1204 | parent_id=host_with_hostnames.id, | |
1205 | parent_type='Host', | |
1206 | refs=[], | |
1207 | cve=['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], | |
1208 | policyviolations=[] | |
1209 | ) | |
1210 | ws = host_with_hostnames.workspace | |
1211 | res = test_client.post(self.url(workspace=ws), data=raw_data) | |
1212 | assert res.status_code == 201 | |
1213 | assert len(res.json['cve']) == 2 | |
1214 | ||
1215 | def test_create_vuln_with_malformed_cve_list(self, host_with_hostnames, test_client, session): | |
1216 | session.commit() # flush host_with_hostnames | |
1217 | raw_data = _create_post_data_vulnerability( | |
1218 | name='New vulns', | |
1219 | vuln_type='Vulnerability', | |
1220 | parent_id=host_with_hostnames.id, | |
1221 | parent_type='Host', | |
1222 | refs=['CVE-2018-1234'], | |
1223 | cve=['CVE-2017-0002', 'CVE-2017-0X12', 'CVE-2017-0012'], | |
1224 | policyviolations=[] | |
1225 | ) | |
1226 | ws = host_with_hostnames.workspace | |
1227 | res = test_client.post(self.url(workspace=ws), data=raw_data) | |
1228 | assert res.status_code == 201 | |
1229 | assert len(res.json['cve']) == 3 | |
1230 | assert set(res.json['cve']) == set(['CVE-2018-1234', 'CVE-2017-0002', 'CVE-2017-0012']) | |
1151 | 1231 | |
1152 | 1232 | def test_create_vuln_with_policyviolations(self, host_with_hostnames, test_client, session): |
1153 | 1233 | session.commit() # flush host_with_hostnames |
2213 | 2293 | new_host = HostFactory.create(workspace=workspace) |
2214 | 2294 | session.commit() |
2215 | 2295 | |
2296 | attachments = [ | |
2297 | (TEST_DATA_PATH / 'faraday.png').open('rb'), | |
2298 | (TEST_DATA_PATH / 'test.html').open('rb') | |
2299 | ] | |
2300 | ||
2216 | 2301 | raw_data = _create_post_data_vulnerability( |
2217 | 2302 | name='vuln_1', |
2218 | 2303 | vuln_type='Vulnerability', |
2222 | 2307 | policyviolations=[], |
2223 | 2308 | description='helloworld', |
2224 | 2309 | severity='medium', |
2310 | attachments=attachments, | |
2225 | 2311 | ) |
2226 | 2312 | res = test_client.post(f'/v3/ws/{workspace.name}/vulns', data=raw_data) |
2227 | 2313 | |
2233 | 2319 | assert res.status_code == 200 |
2234 | 2320 | value = res.json['vulnerabilities'][0]['value'] |
2235 | 2321 | assert value['name'] == 'vuln_1' |
2322 | assert '_attachments' not in value | |
2323 | assert value['attachments_count'] == 2 | |
2236 | 2324 | |
2237 | 2325 | def test_invalid_vuln_filters(self, test_client, session, workspace): |
2238 | 2326 | data = { |
3144 | 3232 | assert res.json['tool'] == command.tool |
3145 | 3233 | |
3146 | 3234 | @pytest.mark.parametrize('refs', [ |
3147 | ('cve', 'CVE-2017-0002'), | |
3148 | 3235 | ('owasp', 'https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet'), |
3149 | 3236 | ('cwe', 'CWE-135'), |
3150 | 3237 | ('cvss', 'CVSS v2 Vector(AV:A/AC:M/Au:S/C:P/I:P/A:N)'), |
143 | 143 | assert res.json['stats']['critical_vulns'] == 0 |
144 | 144 | assert res.json['stats']['info_vulns'] == 2 |
145 | 145 | assert res.json['stats']['total_vulns'] == 2 |
146 | assert res.json['last_run_agent_date'] is None | |
147 | assert res.json['stats']['opened_vulns'] == 10 | |
148 | assert res.json['stats']['confirmed_vulns'] == 2 | |
146 | 149 | |
147 | 150 | @pytest.mark.parametrize('querystring', [ |
148 | 151 | '?status=closed' |
172 | 175 | assert res.json['stats']['critical_vulns'] == 0 |
173 | 176 | assert res.json['stats']['info_vulns'] == 3 |
174 | 177 | assert res.json['stats']['total_vulns'] == 3 |
178 | assert res.json['stats']['opened_vulns'] == 0 | |
179 | assert res.json['stats']['confirmed_vulns'] == 3 | |
175 | 180 | |
176 | 181 | @pytest.mark.parametrize('querystring', [ |
177 | 182 | '?status=asdfss', |
226 | 231 | '?confirmed=0', |
227 | 232 | '?confirmed=false' |
228 | 233 | ]) |
229 | def test_vuln_count_confirmed_2(self, | |
230 | vulnerability_factory, | |
231 | test_client, | |
232 | session, | |
233 | querystring): | |
234 | vulns = vulnerability_factory.create_batch(8, workspace=self.first_object, | |
235 | confirmed=False) | |
234 | def test_vuln_count_confirmed_2(self, vulnerability_factory, test_client, session, querystring): | |
235 | vulns = vulnerability_factory.create_batch(8, workspace=self.first_object, | |
236 | confirmed=False, severity='critical', status='open') | |
236 | 237 | vulns += vulnerability_factory.create_batch(5, workspace=self.first_object, |
237 | confirmed=True) | |
238 | confirmed=True, status='open') | |
238 | 239 | session.add_all(vulns) |
239 | 240 | session.commit() |
240 | 241 | res = test_client.get(self.url(self.first_object) + querystring) |
241 | 242 | assert res.status_code == 200 |
243 | assert res.json['stats']['std_vulns'] == 8 | |
244 | assert res.json['stats']['critical_vulns'] == 8 | |
245 | assert res.json['stats']['info_vulns'] == 0 | |
246 | assert res.json['stats']['opened_vulns'] == 13 | |
247 | assert res.json['stats']['confirmed_vulns'] == 0 | |
242 | 248 | assert res.json['stats']['total_vulns'] == 8 |
243 | 249 | |
244 | 250 | def test_create_fails_with_valid_duration(self, session, test_client): |