Codebase list python-faraday / 4ad7184
Update upstream source from tag 'upstream/3.18.1' Update to upstream version '3.18.1' with Debian dir 42f27413417ed6450f1adba6f62e92d6a31dcf62 Sophie Brun 2 years ago
99 changed file(s) with 927 addition(s) and 8735 deletion(s). Raw diff Collapse all Expand all
+1
-1
.gitlab/ci/publish/.set-tag-gitlab-ci.yml less more
22 stage: publish
33 before_script:
44 script:
5 - git config remote.github.url >/dev/null || git remote add github https://${GH_TOKEN}@github.com/infobyte/faraday.git
5 - git remote set-url github https://${GH_USER}:${GH_TOKEN}@github.com/infobyte/faraday.git
66 - export FARADAY_VERSION=$(eval $IMAGE_TAG)
77 - CHANGELOG/check_pre_tag.py
88 - git push github $CI_COMMIT_TAG:master
+1
-1
.gitlab/ci/upload/.testing-gitlab-ci.yml less more
0 qa_integration:
0 .qa_integration:
11 stage: upload_testing
22 variables:
33 REMOTE_BRANCH: $CI_COMMIT_REF_NAME
+12
-0
CHANGELOG/3.18.0/community.md less more
0 * Remove attachments in vulns filter endpoint
1 * Add open and confirmed vulns in workspace stats
2 * Add migration disabling several notifications.
3 * Add user id to session API endpoint
4 * Add cve to vulnerability model
5 * Change funcs to views
6 * FIX report import
7 * Add `last_run_agent_date` field to workspace endpoint
8 * Fix cve parsing in `vulnerability create` and `bulk create`
9 * ADD check if postgres db is running during server start
10 * Fix order_by in filters api
11 * Fix 500 status code with invalid executor arguments
+1
-0
CHANGELOG/3.18.0/date.md less more
0 Oct 21st, 2021
+1
-0
CHANGELOG/3.18.1/community.md less more
0 Fix CVE issue
+1
-0
CHANGELOG/3.18.1/date.md less more
0 Nov 5th, 2021
+0
-1101
CHANGELOG/RELEASE.md less more
0 New features in the latest update
1 =====================================
2
3
4 3.17.1 [Aug 20th, 2021]:
5 ---
6 * FIX bug when starting the server, creates a pool for reporting that breaks.
7
8 3.17.0 [Aug 10th, 2021]:
9 ---
10 * ADD `--data` parameter to `faraday-manage settings`
11 * MOD Process report files in a separate process
12 * MOD Make `bulk_create` requests asynchronous
13
14 3.16.1 [Jul 2nd, 2021]:
15 ---
16 * MOD only show settings of this version in faraday-manage settings
17 * FIX update minimum version of click dependency
18
19 3.16.0 [Jun 29th, 2021]:
20 ---
21 * BREAKING CHANGE: API V2 discontinued
22 * BREAKING CHANGE: Changed minimum version of python to 3.7
23 * ADD agent parameters has types (protocol with agent and its APIs)
24 * ADD move settings from `server.in` to a db model
25 * ADD (optional) query logs
26 * MOD new threads management
27 * MOD vulnerabilities' endpoint no longer loads evidence unless requested with `get_evidence=true`
28 * FIX now it is not possible to create workspace of name "filter"
29 * FIX bug with dates in the future
30 * FIX bug with click 8
31 * FIX bug using --port command
32 * FIX endpoints returning 500 as status code
33 * REMOVE the need tom CSRF token from evidence upload api
34
35 3.15.0 [May 18th, 2021]:
36 ---
37 * ADD `Basic Auth` support
38 * ADD support for GET method in websocket_tokens, POST will be deprecated in the future
39 * ADD CVSS(String), CWE(String), CVE(relationship) columns to vulnerability model and API
40 * ADD agent token's API says the renewal cycling duration
41 * MOD Improve database model to be able to delete workspaces fastly
42 * MOD Improve code style and uses (less flake8 exceptions, py3 `super` style, Flask app as singleton, etc)
43 * MOD workspaces' names regex to verify they cannot contain forward slash (`/`)
44 * MOD Improve bulk create logs
45 * FIX Own schema breaking Marshmallow 3.11.0+
46 * UPD flask_security_too to version 4.0.0+
47
48 3.14.4 [Apr 15th, 2021]:
49 ---
50 * Updated plugins package, which update appscan plugin
51
52 3.14.3 [Mar 30th, 2021]:
53 ---
54 * MOD MAYOR Breaking change: Use frontend from other repository
55 * ADD `last_run` to executors and agents
56 * ADD ignore info vulns option (from faraday-plugins 1.4.3)
57 * ADD invalid logins are registered in `audit.log`
58 * ADD agent registration tokens are now 6-digit short and automatically regenerated every 30 seconds
59 * MOD Fix logout redirect loop
60 * REMOVE support for native SSL
61
62 3.14.2 [Feb 26th, 2021]:
63 ---
64 * ADD New plugins:
65 * microsoft baseline security analyzer
66 * nextnet
67 * openscap
68 * FIX old versions of Nessus plugins bugs
69
70 3.14.1 [Feb 17th, 2021]:
71 ---
72 * ADD forgot password
73 * ADD update services by bulk_create
74 * ADD FARADAY_DISABLE_LOGS varibale to disable logs to filesystem
75 * ADD security logs in `audit.log` file
76 * UPD security dependency Flask-Security-Too v3.4.4
77 * MOD rename total_rows field in filter host response
78 * MOD improved Export cvs performance by reducing the number of queries
79 * MOD sanitize the content of vulns' request and response
80 * MOD dont strip new line in description when exporting csv
81 * MOD improved threads management on exception
82 * MOD improved performance on vulnerability filter
83 * MOD improved [API documentation](www.api.faradaysec.com)
84 * FIX upload a report with invalid custom fields
85 * ADD v3 API, which includes:
86 * All endpoints ends without `/`
87 * `PATCH {model}/id` endpoints
88 * ~~Bulk update via PATCH `{model}` endpoints~~ In a future release
89 * ~~Bulk delete via DELETE `{model}` endpoints~~ In a future release
90 * Endpoints removed:
91 * `/v2/ws/<workspace_id>/activate/`
92 * `/v2/ws/<workspace_id>/change_readonly/`
93 * `/v2/ws/<workspace_id>/deactivate/`
94 * `/v2/ws/<workspace_name>/hosts/bulk_delete/`
95 * `/v2/ws/<workspace_name>/vulns/bulk_delete/`
96 * Endpoints updated:
97 * `/v2/ws/<workspace_name>/vulns/<int:vuln_id>/attachments/` => \
98 `/v3/ws/<workspace_name>/vulns/<int:vuln_id>/attachment`
99
100 3.14.0 [Dec 23th, 2020]:
101 ---
102 * ADD RESTless filter to multiples views, improving the searchs
103 * ADD "extras" modal in options menu, linking to other Faraday resources
104 * ADD `import vulnerability templates` command to faraday-manage
105 * ADD `generate nginx config` command to faraday-manage
106 * ADD vulnerabilities severities count to host
107 * ADD Active Agent columns to workspace
108 * ADD critical vulns count to workspace
109 * ADD `Remember me` login option
110 * ADD distinguish host flag
111 * ADD a create_date field to comments
112 * FIX to use new webargs version
113 * FIX Custom Fields view in KB (Vulnerability Templates)
114 * FIX bug on filter endpoint for vulnerabilities with offset and limit parameters
115 * FIX bug raising `403 Forbidden` HTTP error when the first workspace was not active
116 * FIX bug when changing the token expiration change
117 * FIX bug in Custom Fields type Choice when choice name is too long.
118 * FIX Vulnerability Filter endpoint Performance improvement using joinedload. Removed several nplusone uses
119 * MOD Updating the template.ini for new installations
120 * MOD Improve SMTP configuration
121 * MOD The agent now indicates how much time it had run (faraday-agent-dispatcher v1.4.0)
122 * MOD Type "Vulnerability Web" cannot have "Host" type as a parent when creating data in bulk
123 * MOD Expiration default time from 1 month to 12 hour
124 * MOD Improve data reference when uploading a new report
125 * MOD Refactor Knowledge Base's bulk create to take to take also multiple creation from vulns in status report.
126 * MOD All HTTP OPTIONS endpoints are now public
127 * MOD Change documentation and what's new links in about
128 * REMOVE Flask static endpoint
129 * REMOVE of our custom logger
130
131 3.12 [Sep 3rd, 2020]:
132 ---
133 * Now agents can upload data to multiples workspaces
134 * Add agent and executor data to Activity Feed
135 * Add session timeout configuration to server.ini configuration file
136 * Add hostnames to already existing hosts when importing a report
137 * Add new faraday background image
138 * Display an error when uploading an invalid report
139 * Use minimized JS libraries to improve page load time
140 * Fix aspect ratio distortion in evidence tab of vulnerability preview
141 * Fix broken Knowledge Base upload modal
142 * Fix closing of websocket connections when communicating with Agents
143 * Change Custom Fields names in exported CSV to make columns compatible with
144 `faraday_csv` plugin
145 * Fix import CSV for vuln template: some values were overwritten with default values.
146 * Catch errors in faraday-manage commands when the connection string is not
147 specified in the server.ini file
148 * Fix bug that generated a session when using Token authentication
149 * Fix bug that requested to the API when an invalid filter is used
150 * Cleanup old sessions when a user logs in
151 * Remove unmaintained Flask-Restless dependency
152 * Remove pbkdf2\_sha1 and plain password schemes. We only support bcrypt
153
154 3.11.2:
155 ---
156
157 3.11.1 [Jun 3rd, 2020]:
158 ---
159 * Fix missing shodan icon and invalid link in dashboard and hosts list
160 * Upgrade marshmallow, webargs, werkzeug and flask-login dependencies to
161 latest versions in order to make packaging for distros easier
162
163 3.11 [Apr 22nd, 2020]:
164 ---
165 * Move GTK client to [another repository](https://github.com/infobyte/faraday-client) to improve release times.
166 * Fix formula injection vulnerability when exporting vulnerability data to CSV. This was considered a low impact vulnerability.
167 * Remove "--ssl" parameter. Read SSL information from the config file.
168 * Add OpenAPI autogenerated documentation support
169 * Show agent information in command history
170 * Add bulk delete endpoint for hosts API
171 * Add column with information to track agent execution data
172 * Add tool attribute to vulnerability to avoid incorrectly showing "Web UI" as creator tool
173 * Add sorting by target in credentials view
174 * Add creator information when uploading reports or using de bulk create api
175 * Add feature to disable rules in the searcher
176 * Add API endpoint to export Faraday data to Metasploit XML format
177 * Change websocket url route from / to /websockets
178 * Use run date instead of creation date when plugins report specifies it
179 * Improve knowledge base UX
180 * Improve workspace table and status report table UX.
181 * Improve format of exported CSV to include more fields
182 * Sort results in count API endpoint
183 * Limit description width in knowledge base
184 * Change log date format to ISO 8601
185 * Fix parsing server port config in server.ini
186 * Fix bug when \_rev was send to the hosts API
187 * Send JSON response when you get a 500 or 404 error
188 * Fix bug parsing invalid data in NullToBlankString
189
190 Changes in plugins (only available through Web UI, not in GTK client yet):
191
192 New plugins:
193
194 * Checkmarx
195 * Faraday\_csv (output of exported Faraday csv)
196 * Qualyswebapp
197 * Whitesource
198
199 Updated plugins:
200
201 * Acunetix
202 * AppScan
203 * Arachni
204 * Nessus
205 * Netspaker
206 * Netspaker cloud
207 * Nexpose
208 * Openvas
209 * QualysGuard
210 * Retina
211 * W3af
212 * WPScan
213 * Webinspect
214 * Zap
215
216 3.10.2 [Jan 30th, 2020]:
217 ---
218 * Fix Cross-Site Request Forgery (CSRF) vulnerability in all JSON API endpoints.
219 This was caused because a third-party library doesn't implement proper
220 Content-Type header validation. To mitigate the vulnerability, we set the
221 session cookie to have the `SameSite: Lax` property.
222 * Fix Faraday Server logs were always in debug
223 * Add update date column when exporting vulnerabilities to CSV
224 * Fix unicode error when exporting vulnerabilities to CSV
225
226 3.10.1 [Jan 10th, 2020]:
227 ---
228 * Fix installation with `pip install --no-binary :all: faradaysec`
229 * Force usage of webargs 5 (webargs 6 broke backwards compatibility)
230 * Use latest version of faraday-plugins
231 * Fix broken "Faraday Plugin" menu entry in the GTK client
232 * Extract export csv to reuse for reports
233
234 3.10 [Dec 19th, 2019]:
235 ---
236 * Use Python 3 instead of Python 2 in the Faraday Server
237 * Add ability to manage agents with multiple executors
238 * Agents can be run with custom arguments
239 * Improved processing of uploaded reports. Now it is much faster!
240 * Add custom fields of type `choice`
241 * Fix vuln status transition in bulk create API (mark closed vulns as re-opened when they are triggered again)
242 * Fix bug when using non-existent workspaces in Faraday GTK Client
243 * Set service name as required in the Web UI
244 * Validate the start date of a workspace is not greater than the end date
245 * Fix command API when year is invalid
246 * When SSL misconfigurations cause websockets to fails it doesn't block server from starting
247 * Check for invalid service port number in the Web UI
248 * Fix dashboard tooltips for vulnerability
249 * Fix bug when GTK client lost connection to the server
250 * Fix style issues in "Hosts by Service" modal of the dashboard
251 * Add API for bulk delete of vulnerabilities
252 * Add missing vuln attributes to exported CSV
253 * `faraday-manage support` now displays the Operating System version
254 * Notify when `faraday-manage` can't run becasue of PostgreSQL HBA config error
255
256 3.9.3 [Nov 12th, 2019]:
257 ---
258 * Fix unicode error when exporting vulns to CSV
259 * Add vuln attributes to CSV
260 * Fix hostname parsing and add external ID to Qualys plugin
261
262 3.9 [Oct 3th, 2019]:
263 ---
264 * Add agents feature for distributed plugin execution
265 * Add an API endpoint to to perform a bulk create of many objects (hosts,
266 services, vulns, commands and credentials). This is used to avoid doing a lot
267 of API requests to upload data. Now one request should be enough
268 * Major style and color changes to the Web UI
269 * Add API token authentication method
270 * Use server side stored sessions to properly invalidate cookies of logged out users
271 * Add "New" button to create credentials without host or service assigned yet
272 * Allow filtering hosts by its service's ports in the Web UI
273 * Performance improvements in vulnerabilities and vulnerability templates API (they
274 were doing a lot of SQL queries because of a programming bug)
275 * Require being in the faraday-manage group when running faraday from a .deb or .rpm package
276 * Change the first page shown after the user logs in. Now it displays a workspace
277 selection dialog
278 * Add API endpoint to import Vuln Templates from a CSV file
279 * Create the exported CSV of the status report in the backend instead of in the
280 problem, which was much slower
281 * Add API endpoint to import hosts from a CSV file
282 * Add `faraday-manage rename-user` command to change a user's username
283 * Allow resizing columns in Vulnerability Templates view
284 * Avoid copying technical details when a vuln template is generated from the status report
285 * Use exact matches when searching vulns by target
286 * Add API endpoint to get which tools impacted in a host
287 * Add pagination to activity feed
288 * Add ordering for date and creator to vuln templates view
289 * Modify tabs in vuln template, add Details tab
290 * Add copy IP to clipboard button in hosts view
291 * Add creator and create date columns to vuln template view
292 * When a plugin creates a host with its IP set to a domain name,
293 resolve the IP address of that domain
294 * Add support for logging in RFC5254 format
295 * Add active filter in workspaces view. Only show active workspaces
296 in other parts of the Web UI
297 * Enforce end date to be greater than start date in workspaces API
298 * Fix bug in `faraday-manage create-tables` that incorrectly marked schema
299 migrations as applied
300 * Fix bug in many plugins that loaded hostnames incorrectly (one hostname per chararcter)
301 * Improve references parsing in OpenVAS plugin
302 * Fix a bug in Nessus plugin when parsing reports without host\_start
303 * Fix bug hostname search is now working in status-report
304 * Fix showing of services with large names in the Web UI
305 * Fix broken select all hosts checkbox
306 * Fix bug viewing an attachment/evidence when its filename contained whitespaces
307 * Fix "Are you sure you want to quit Faraday?" dialog showing twice in GTK
308
309 3.8.1 [Jun 19th, 2019]:
310 ---
311 * Add configurations for websocket ssl
312
313 3.8 [Jun 4th, 2019]:
314 ---
315 * Refactor the project to use absolute imports to make the installation easier
316 (with a setup.py file). This also was a first step to make our codebase
317 compatible with python 3.
318 * Change the commands used to run faraday. `./faraday-server.py`,
319 `./manage.py`, `./faraday.py` and `bin/flugin` are replaced for `faraday-server`, `faraday-manage`,
320 `faraday-client` and `fplugin` respectively
321 * Changed suggested installation method. Now we provide binary executables with all python dependencies
322 embedded into them
323 * Add admin panel to the Web UI to manage custom fields
324 * Fix slow host list when creating vulns in a workspace with many hosts
325 * Usability improvements in status report: change the way vulns are selected and confirmed
326 * Improve workspace workspace creation from the Web UI
327 * Fix attachment api when file was not found in .faraday/storage
328 * Fix visualization of the fields Policy Violations and References.
329 * Add a setting in server.ini to display the Vulnerability Cost widget of the Dashboard
330 * Fix status report resize when the browser console closes.
331 * Fix severity dropdown when creating vulnerability templates
332 * Update OS icons in the Web UI.
333 * Fix bug when using custom fields, we must use the field\_name instead of the display\_name
334 * Prevent creation of custom fields with the same name
335 * Add custom fields to vuln templates.
336 * Fix user's menu visibily when vuln detail is open
337 * Remove "show all" option in the status report pagination
338 * The activity feed widget of the dashboard now displays the hostname of the
339 machine that runned each command
340 * Add loading spinner in hosts report.
341 * Fix "invalid dsn" bug in sql-shell
342 * Fix hostnames bug in Nikto and Core Impact plugins
343 * Change Openvas plugin: Low and Debug threats are not taken as vulnerabilities.
344 * Add fplugin command to close vulns created after a certain time
345 * Add list-plugins command to faraday-manage to see all available plugins
346 * Fix a logging error in PluginBase class
347 * Fix an error when using NexposePlugin from command line.
348 * Add CSV parser to Dnsmap Plugin
349 * Fix bug when creating web vulnerabilities in dirb plugin
350 * Change Nexpose Severity Mappings.
351
352 3.7.3 [May 3rd, 2019]:
353 ---
354 * Add parser for connection string at PGCli connection
355 * Fix bug when using custom fields, we must use the field_name instead of the display_name
356 * Fix user's menu visibily when vuln detail is open.
357 * Fix bug in status report that incorrectly showed standard vulns like if they were vulnwebs
358
359 3.7:
360 ---
361 * Add vulnerability preview to status report
362 * Update Fierce Plugin. Import can be done from GTK console.
363 * Update Goohost plugin and now Faraday imports Goohost .txt report.
364 * Update plugin for support WPScan v-3.4.5
365 * Update Qualysguard plugin to its 8.17.1.0.2 version
366 * Update custom fields with Searcher
367 * Update Recon-ng Plugin so that it accepts XML reports
368 * Add postres version to status-change command
369 * Couchdb configuration section will not be added anymore
370 * Add unit test for config/default.xml
371
372 3.6 [Feb 21th, 2019]:
373 ---
374 * Fix CSRF (Cross-Site Request Forgery) vulnerability in vulnerability attachments API.
375 This allowed an attacker to upload evidence to vulns. He/she required to know the
376 desired workspace name and vulnerability id so it complicated the things a bit. We
377 classified this vuln as a low impact one.
378 * Readonly and disabled workspaces
379 * Add fields 'impact', 'easeofresolution' and 'policyviolations' to vulnerability_template
380 * Add pagination in 'Command history', 'Last Vulnerabilities', 'Activity logs' into dashboard
381 * Add status_code field to web vulnerability
382 * Preserve selection after bulk edition of vulnerabilities in the Web UI
383 * Faraday's database will be created using UTF-8 encoding
384 * Fix bug of "select a different workspace" from an empty list loop.
385 * Fix bug when creating duplicate custom fields
386 * Fix bug when loading in server.ini with extra configs
387 * Fix `./manage.py command`. It wasn't working since the last schema migration
388 * `./manage.py createsuperuser` command renamed to `./manage.py create-superuser`
389 * Fix bug when non-numeric vulnerability IDs were passed to the attachments API
390 * Fix logic in search exploits
391 * Add ability to 'Searcher' to execute rules in loop with dynamic variables
392 * Send searcher alert with custom mail
393 * Add gitlab-ci.yml file to execute test and pylint on gitlab runner
394 * Fix 500 error when updating services and vulns with specific read-only parameters set
395 * Fix SQLMap plugin to support newer versions of the tool
396 * Improve service's parser for Lynis plugin
397 * Fix bug when parsing URLs in Acunetix reports
398 * Fix and update NetSparker Plugin
399 * Fix bug in nessus plugin. It was trying to create a host without IP. Enabled logs on the server for plugin processing (use --debug)
400 * Fix bug when parsing hostnames in Nessus reports
401 * Fix SSLyze report automatic detection, so reports can be imported from the web ui
402 * Update Dnsmap Plugin
403
404 3.5 [Jan 16th, 2019]:
405 ---
406 * Redesgin of new/edit vulnerability forms
407 * Add new custom fields feature to vulnerabilities
408 * Add ./manage.py migrate to perform alembic migrations
409 * Faraday will use webargs==4.4.1 because webargs==5.0.0 fails with Python2
410 * New system for online plugins using Threads, a few fixes for metasploit plugin online also.
411 * Fix Command "python manage.py process-reports" now stops once all reports have been processed
412 * Fix bug in query when it checks if a vulnerability or a workspace exists
413 * Fix Once a workspace is created through the web UI, a folder with its name is created inside ~/.faraday/report/
414 * The manage.py now has a new support funtionality that creates a .zip file with all the information faraday's support team will need to throubleshoot your issue
415 * Status-check checks PostgreSQL encoding
416 * Fix a bug when fail importation of reports, command duration say "In Progress" forever.
417 * Fix confirmed bug in vulns API
418 * Update websockets code to use latest lib version
419 * bootstrap updated to v3.4.0
420 * Manage.py support now throws a message once it finishes the process.
421 * Update Lynis to its version 2.7.1
422 * Updated arp-scan plugin, added support in the Host class for mac address which was deprecated before v3.0
423 * OpenVAS Plugin now supports OpenVAS v-9.0.3
424
425 3.4 [December 6th, 2018]:
426 ---
427 * In GTK, check active_workspace its not null
428 * Add fbruteforce services fplugin
429 * Attachments can be added to a vulnerability through the API.
430 * Catch gaierror error on lynis plugin
431 * Add OR and NOT with parenthesis support on status report search
432 * Info API now is public
433 * Web UI now detects Appscan plugin
434 * Improve performance on the workspace using cusotm query
435 * Workspaces can be set as active/disable in welcome page.
436 * Change Nmap plugin, response field in VulnWeb now goes to Data field.
437 * Update code to support latest SQLAlchemy version
438 * Fix `create_vuln` fplugin bug that incorrectly reported duplicated vulns
439 * Attachments on a vulnerability can be deleted through the API.
440 * Improvement in the coverage of the tests.
441
442 3.3 [Novemeber 14th, 2018]:
443 ---
444 * Add workspace disable feature
445 * Add mac vendor to host and services
446 * Fix typos and add sorting in workspace name (workspace list view)
447 * Improve warning when you try to select hosts instead of services as targets of a Vulnerability Web
448 * Deleted old Nexpose plugin. Now Faraday uses Nexpose-Full.
449 * Update sqlmap plugin
450 * Add updated zap plugin
451 * Add hostnames to nessus plugin
452 * Python interpreter in SSLCheck plugin is not hardcoded anymore.
453 * Fix importer key error when some data from couchdb didn't contain the "type" key
454 * Fix AttributeError when importing vulns without exploitation from CouchDB
455 * Fix KeyError in importer.py. This issue occurred during the import of Vulnerability Templates
456 * Fix error when file config.xml doesn't exist as the moment of executing initdb
457 * Improve invalid credentials warning by indicating the user to run Faraday GTK with --login option
458 * Fix typos in VulnDB and add two new vulnerabilities (Default Credentials, Privilege Escalation)
459 * Improved tests performance with new versions of the Faker library
460 * `abort()` calls were checked and changed to `flask.abort()`
461
462 3.2 [October 17th, 2018]:
463 ---
464 * Added logical operator AND to status report search
465 * Restkit dependency removed.
466 * Improvement on manage.py change-password
467 * Add feature to show only unconfirmed vulns.
468 * Add ssl information to manage.py status-check
469 * Update wpscan plugin to support latest version.
470 * Allow workspace names starting with numbers.
471
472 September 21, 2018:
473 ---
474 * Fix bug: manage.py status_check
475 * Fix bug: manage.py initdb
476
477 September 17, 2018:
478 ---
479 * Fix get exploits API
480 * New searcher feature
481 * Added host_os column to status report
482 * Fix and error while trying to execute server with --start
483 * Added option --choose-password to initdb
484 * Continous scan updated for Nessus 7
485 * Refactor on server.config to remove globals
486 * Added a directory for custom templates for executive reports (pro and corp)
487 * Activity feed shows more results and allows to filter empty results
488 * Allow ot create workspace that start with numbers
489 * Added more variables to executive reports (pro and corp)
490 * Fixed some value checking on tasks api (date field)
491 * OpenVas plugin updated
492 * Appscan plugin update
493 * Added no confirmed vulns to report api
494 * Fixed a bug on workspace API when the workspace already exists on database
495 * Fix owner filter on status report
496 * Fixes on import_csv fplugin when the api returned 409
497 * Fixes on status_check
498 * Fixed a bug on webui when workspace permission was changed (pro and corp)
499 * Update nexpose plugin
500 * uigrid library updated to latest version
501 * Bug fix on plugin automatic detection
502 * Fixed a bug on executive reports when multiple reports were scheduled
503 * Avoid closing the executive report and new vuln modal when the form has data
504 * Status report open new tab for evidence
505 * added change_password to manage.py
506 * Update wapiti plugin
507 * Fixed vuln count on executive report (pro and corp)
508 * Fixed css align in some tables
509 * Fixed No ports available error on the client
510
511 August 17, 2018:
512 ---
513 * Updated code to use Flask 1.0
514 * Add threadfix integration (corp only)
515 * Fix create_service fplugin
516 * Executive report bug fix on tags
517 * Persistence server bug fix on impact and ease of resolution
518 * Fix unicode error bug on executive reports
519 * Updated code to support latest Twisted version
520 * Updated all requirements to use >=
521 * Fix dry run on create_host fplugin
522 * Fixed del_all_vulns_with and del_all_hosts
523 * Improved executive reports status update refresh
524 * Websocket port is configurable now
525 * Change minimum font size in tag cloud
526 * Fixed a problem with shodan icon on dashboard
527 * Updated license check on deleted users
528 * Users with role client was not able to change password, bug fixed
529 * Updated code to support pip 10
530 * Added ldap to status check
531 * Credentials icon aligned
532 * Deamon now allows to execute faraday sever in more than one port and more than one process for multiplexation
533 * All views now check for permissions on workspace
534 * Pull requests #229, #231, #239 and #240 are merged
535 * Avoid polling deleted executive reports
536 * Added documentation to project
537 * Fix self xss on webshell
538 * Add postgres locks check on status_check
539 * Vuln counter fix when confirmed is on
540
541 July 26, 2018:
542 ---
543 * Interface removed from model and from persistence server lib (fplugin)
544 * Performance iprovements on the backend
545 * Add quick change workspace name (from all views)
546 * Changed the scope field of a workspace from a free text input to a list of targets
547 * New faraday styles in all webui views
548 * Add search by id for vulnerabilities
549 * Add new plugin sslyze
550 * Add new plugin wfuzz
551 * Add xsssniper plugin
552 * Fix W3af, Zap plugins
553 * Add brutexss plugin
554 * Allow to upload report file from external tools from the web
555 * Fix sshcheck import file from GTK
556 * Add reconng plugin
557 * Add sublist3r plugin
558 * Add HP Webinspect plugin
559 * Add dirsearch plugin
560 * Add ip360 plugin
561 * CouchDB was replaced by PostgreSQL :)
562 * Host object changed, now the name property is called ip
563 * Interface object was removed
564 * Note object was removed and replaced with Comment
565 * Communication object was removed and replaced with Comment
566 * Show credentials count in summarized report on the dashboard
567 * Remove vuln template CWE fields, join it with references
568 * Allow to search hosts by hostname, os and service name
569 * Allow the user to specify the desired fields of the host list table
570 * Add optional hostnames, services, MAC and description fields to the host list
571 * Workspace names can be changed from the Web UI
572 * Exploitation and severity fields only allow certain values. CWE CVEs were fixed to be valid. A script to convert custom CSVs was added.
573 * Web UI path changed from /_ui/ to / (_ui has now a redirection to / for keeping backwards compatibility)
574 * dirb plugin creates an informational vulnerability instead of a note.
575 * Add confirmed column to exported csv from webui
576 * Fixes in Arachni plugin
577 * Add new parameters --keep-old and --keep-new for faraday CLI
578 * Add new screenshot fplugin which takes a screenshot of the ip:ports of a given protocol
579 * Add fix for net sparker regular and cloud fix on severity
580 * Removed Chat feature (data is kept inside notes)
581 * Add CVSS score to reference field in Nessus plugin.
582 * Fix unicode characters bug in Netsparker plugin.
583 * Fix qualys plugin.
584 * Fix bugs with MACOS and GTK.
585
586 April 10, 2018:
587 ---
588 * Fix bug with tornado version 5.0 and GTK client.
589
590 November 17, 2017:
591 ---
592 * Fix bug with tags in models.
593
594 November 5, 2017:
595 ---
596 * Added "Last modified" and "Created" in Hosts view
597 * Fixed bug when trying to run Faraday as second process and closing the terminal (&!)
598 * Fixed bug where it asked for dependencies eternally when you have a different version than the one required
599 * Fixed small bug in the update_from_document method
600 * Fixed bug, makes the python library dependencies specific to the desired version
601 * Fixed GitHub language bar to reflect real code percentage
602 * Merge PR #195: Create gentoo_requirements_extras.txt (New Github wiki page)
603 * Merge PR #225: Add references to found vulnerabilities in nmap plugin
604 * New plugin: Netsparker cloud
605 * New plugin: Lynis (Winner of Faraday Challenge 2017)
606 * New Fplugin: changes the status of all vulnerabilities of an specific workspace to closed
607 * New Fplugin: combines the "create_interface" and "create_host" scripts into one (create_interface_and_host script)
608 * New Fplugin: import_csv , now you can import Faraday objects from a CSV
609
610 August 11, 2017:
611 ---
612 * Add check to the vuln creation modal for empty targets in the Web UI
613
614 August 9, 2017:
615 ---
616 No changes
617
618 August 7, 2017:
619 ---
620 * Updated Core Impact plugin to be compatible with 2016 version
621 * Improved loading of fields request and website in Burp Plugin
622 * Improved Nexpose Full plugin
623 * Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions
624
625 July 19, 2017:
626 ---
627 * Added the ability to select more than one target when creating a vuln in the Web UI
628 * Merged PR #182 - problems with zonatransfer.me
629 * Fixed bug in Download CSV of Status report with old versions of Firefox.
630 * Fixed formula injection vulnerability in export to CSV feature
631 * Fixed DOM-based XSS in the Top Services widget of the dashboard
632 * Fix in AppScan plugin.
633 * Fix HTML injection in Vulnerability template.
634 * Add new plugin: Junit XML
635 * Improved pagination in new vuln modal of status report
636 * Added "Policy Violations" field for Vulnerabilities
637
638 May 24, 2017:
639 ---
640 * Fixed bug when editing workspaces created in GTK
641 * Improved host search in the WEB UI
642 * Extended the config to support different searching engines in the WEB UI
643 * Check that client and server versions match when connecting
644 * Adds the 'v' and 'version' argument for both the server and the client
645 * Fixed "refresh" button in the Web UI
646 * Fix API on /ws/<workspace> with duration object None
647 * Added a CRUD for Credentials to the Web UI
648 * Bug fixes on the Burp Online Plugin
649 * Added a script to connect with Reposify
650 * Fixed Hostname import in Nessus Plugin
651 * Make plugin methods log() and devlog() work again
652 * Fixed bug in SQLMap plugin that made the client freeze
653 * Improved SQLMap plugin to support more options and to show errors in GTK log console
654 * Fixed bug when creating/updating Credentials
655 * Improve plugins usage of vulnweb URL fields
656 * Fixed order of Report Plugins in the GTK import list
657
658 March 17, 2017:
659 ---
660 * Added link to name column in Hosts list
661 * Created a requirements_extras.txt file to handle optional packages for specific features
662 * Fixed bug in SQLMap plugin that made the client freeze
663 * Fixed bug when creating/updating Credentials
664 * Fixed bug in the WEB UI - menu explanation bubbles were hidden behind inputs
665 * Fixed conflict resolution when the object was deleted from another client before resolving the conflict
666 * Improved fplugin
667 * Improved the installation process
668 * Improved SQLMap plugin to support --tables and --columns options
669 * Improved navigation in Web UI
670 * Merged PR #137 - CScan improvements: bug fixing, change plugin format and removed unnecessary file output
671 * Merged PR #173 - Hostnames: added hostnames to plugins
672 * Merged PR #105 - OSint: added the possibility of using a DB other than Shodan
673 * The Status Report now remembers the sorting column and order
674
675 February 8, 2017:
676 ---
677 * Fixed max amount of vulns pagination bug in Web UI
678 * Fixed Maltego plugin
679
680 January 30, 2017:
681 ---
682 * Added an activity feed panel in the Dashboard.
683 * Added AppScan plugin.
684 * Improved Burp's Online plugin. Added fields and removed HTML tags.
685 * Refactor remaining modules to be compatible with JS Strict Mode.
686 * Fixed bug that prevented GTK from closing when user clicked CANCEL on WS creation.
687 * Fixed size of Workspace creation dialog.
688 * New cwe databases: English and Spanish.
689 * Added Hping plugin.
690 * Enhancements to Wpscan plugin.
691
692 November 10, 2016:
693 ---
694 * New library to connect with Faraday Server.
695 * Fixed Fplugin, now it uses the new library to communicate with the Server.
696 * New field for Vulnerabilities: plugin creator and status.
697 * Refactor in Faraday Core and GTK Client.
698 * Bug fixing in Faraday Client and Server.
699 * Added Faraday news notifications in GTK and Web UI.
700 * New plugins: Dirb, Netdiscover, FruityWifi, Sentinel.
701 * Improvements on the WPscan plugin.
702 * Fixed Licenses search.
703 * Refactor Licenses module to be compatible with JS Strict Mode.
704
705 September 19, 2016:
706 ---
707 * Major refactor of Faraday Client: now we support massive workspaces (100.000+ hosts).
708 * Fixed more than 10 minor bugs on the Web UI.
709 * Fixed searching with spaces character on Web UI
710 * Updated URL shown when starting Faraday.
711 * Dashboard is now refreshed automatically every 60 seconds.
712 * Fixed Propecia plugin.
713 * New plugin: WPscan
714 * Host Sidebar on GTK now adds information more intelligently and will never block the application.
715 * Evidence screenshots in report generation is now bigger.
716 * Help menu in GTK with links to interesting links.
717 * Added Help section to WEB UI.
718
719 August 12, 2016:
720 ---
721 * Added Faraday Server
722 * Improved performance in web UI
723 * Added some basic APIs to Faraday Server
724 * Added licenses management section in web UI
725 * Totally removed QT3, GTK is now the only GUI
726 * Deprecated FileSystem databses: now Faraday works exclusively with Faraday Server and CouchDB
727 * Added a button to go to the Faraday Web directly from GTK
728 * Fixed bug when deleting objects from Faraday Web
729 * Fixed bug where icons where not copied to correct folder on initialization
730 * Fixed bug where current workspace wouldn't correspond to selected workspace on the sidebar on GTK
731 * Fixed bug in 'Refresh Workspace' button on GTK
732 * Fixed bug where Host Sidebar and Statusbar information wasn't correctly updated on GTK
733 * Fixed bug in service editing
734 * Fixed sqlmap plugin
735 * Fixed metapsloit plugin
736
737 Jul 1, 2016:
738 ---
739 * GTK is the default interface now.
740 * Added new plugin : Ndiff.
741 * Added new plugin : Netcat (Gnu netcat - OpenBSD netcat - Original netcat)
742 * Added button to edit your host in the GTK interface.
743 * Hosts sidebar now can be sorted by amout of vulnerabilities and OS.
744 * Changes in installation: install.sh now installs only GTK, QT is considered deprecated.
745 * Changes in installation: Faraday now runs with the last versions of Python modules.
746 * Changes in installation: fixed names of packages in setup_server.sh
747 * Usability: Enter key in GTK dialogs works as OK button
748 * Improved handling of lost connection to CouchDB database
749 * First steps towards deprecating Filesystem databases
750 * Fixed a bug when workspace was changed
751 * Fixed a bug with Import Reports Dialog in GTK GUI on OS X.
752 * Fixed a bug with Ctrl+Shift+C and Ctrl+Shift+V in some desktops managers.
753 * Fixed a bug with mapper of vulnerabilities.
754
755 Jun 13, 2016:
756 ---
757 * Added Import Report dialog to Faraday GTK
758 * Added a 'Loading workspace...' dialog to Faraday GTK
759 * Added host sidebar to Faraday GTK
760 * Added host information dialog to Faraday GTK with the full data about a host, its interfaces, services and vulnerabilities
761 * Added support for run faraday from other directories.
762 * Fixed log reapparing after being disabled if user created a new tab
763 * Fixed bug regarding exception handling in Faraday GTK
764 * Now Faraday GTK supports Ctrl+Shift+C / Ctrl+Shift+V to Copy/Paste
765 * Faraday will now not crash if you suddenly lose connection to your CouchDB
766
767 May 23, 2016:
768 ---
769 * Removed description from Hosts list in WEB UI
770 * Fixed sort in Hosts list in WEB UI
771 * Fixed ports sorting in Host view in WEB UI
772 * Added search link for OS in Hosts list in WEB UI
773 * Removed description from Services list in WEB UI
774 * Added version to Services list in WEB UI
775 * Modified false values in Hosts list in WEB UI
776 * Added search links in Services list in WEB UI
777 * Added scrollbar in Gtk Terminal.
778 * Added workspace status in Gtk interface
779 * Added conflict resolution support for the Gtk interface
780 * Added search entry for workspaces in Gtk
781 * Added support for 'exit' command inside Faraday's Gtk terminal
782 * Improved handling of uncaught exceptions in Gtk interface
783 * Improved text formatting in Gtk's log console
784 * Fixed several small bugs in Faraday GTK
785 * Added support for resize workspace bar.
786 * Added a quote for imported reports in WEB UI.
787 * Added support for a new type of report in Qualysguard plugin.
788 * Fixed bugs in plugins: Acunetix - Nmap - Nikto.
789
790 Apr 29, 2016:
791 ---
792 * Added Open services count to Hosts list in WEB UI
793 * Improved zsh integration
794 * Added GTK3 interface prototype
795 * Added plugin detection through report name
796 * Fixed an error in wcscan script
797 * Fixed nikto plugin
798 * Fixed openvas plugin
799
800 Apr 04, 2016
801 ---
802 * Added cli mode (see wiki for usage instructions)
803 * Support for multiple Faraday instances in the same host
804 * Fixed bug for editing web vulns in bulk
805 * Fixed bug for select all in web UI
806 * Fixed bugs in Qualys, ZAP, nikto, w3af, openVas plugins
807 * Added some new scripts and helpers
808
809
810 Feb 26, 2016:
811 ---
812 * Fixed bug in pip debian
813 * BugFix pip install.
814 * Checks additionals about dependencies in installation.
815 * Warning about a upgrade to experimental in debian installation.
816 * Fixed small bug in CSV importing
817 * Fixed styles for Status Report
818 * Fixed bug on Status Report filter after editing
819 * Added support for Kali Rolling Edition
820 * Notify user when the current Workspace doesn't exist
821 * Show all evidence files in Status Report
822 * Added script to remove all vulns with a specific severity value (parameterized)
823 * Fixed Arachni Plugin bugs
824 * Added new version for Maltego Plugin
825 * Added support for Mint 17
826
827 Dec 18, 2015:
828 ---
829 * Immunity Canvas plugin added
830 * Added Dig plugin
831 * Added Traceroute plugin
832 * Fixed bug in first run of Faraday with log path and API errors
833 * Added parametrization for port configuration on APIs
834 * Refactor Plugin Base to update active WS name in var
835 * Refactor Plugins to use current WS in temp filename under $HOME/.faraday/data. Affected Plugins:
836 - amap
837 - dnsmap
838 - nmap
839 - sslcheck
840 - wcscan
841 - webfuzzer
842 - nikto
843 * Fixed bug get_installed_distributions from handler exceptions
844 * Added Wiki information about running Faraday without configuring CouchDB
845 * Fixed Unicode bug in Nexpose-full Plugin
846 * Filter false-positives in Status Report
847 * Fixed bug that prevented the use of "reports" and "cwe" strings in Workspace names
848 * Added port to Service type target in new vuln modal
849 * Added new scripts for faraday plugin:
850 - /bin/delAllVulnsWith.py - delete all vulns that match a regex
851 - /bin/getAllbySrv.py - get all IP addresses that have defined open port
852 - /bin/getAllIpsNotServices.py added - get all IPs from targets without services
853 * Fixed bug null last workspace
854 * Fixed bugs in CSV export/import in QT
855
856 Oct 2, 2015:
857 ---
858 * Continuous Scanning Tool cscan added to ./scripts/cscan
859 * Fix for saving objects without parent
860 * Hosts and Services views now have pagination and search
861 * Updates version number on Faraday Start
862 * Visual fixes on Firefox
863 * Migrate graphs from D3.js to Chart.js
864 * Added Services columns to Status Report
865 * Added sections of Commercial versions
866 * Converted references to links in Status Report. Support for CVE, CWE, Exploit Database and Open Source Vulnerability Database
867 * Added Peepingtom, SSHdefaultscan and pasteAnalyzer plugins
868 * Fixed Debian install
869
870 Sep 10, 2015:
871 ---
872 * Adding filename path information of report imported in history command
873 * Remove old couchdb upgrade process
874 * Adding Iceweasel browser > 38.2.0 support
875 * Adding more navigability in differents GUI Web (Dashboard/Services/Views)
876 * Fixed bug copy clipboard offline (update path of ngClip dependeces)
877 * Added class to set colors to severities in new/edit vuln view
878 * Medusa, Hydra & Metasploit plug-in now added discovered weak credentials as a vulnerability
879 * Nmap plug-in applyies a severity depending on the result of a NSE script
880 * Fixed small bug for empty ease of resolution
881 * Adding more time to generation shells QT
882 * Added "Search in Shodan" links in different views (Status Report, Host View, Service View)
883 * Removed required of name field service bulk edition
884 * Added ng-disabled on Edit button if select more of 1 host on Host View WEB UI
885 * Refactored GUI Web:
886 Icon added for Modal Error
887 OS, Creator, Date for modal-services-by-host.html
888 Fixed typo in Host Edit, the popup message was wrong
889 First version for in estilos.css for clear mode
890 Also, added hover to grey boxes in the Dashboard.
891 * Added vulns count for Hosts in WEB UI
892 * Updated w3af plugin to support report version 1.7.6
893 * Ignored cwe database from updater and QT views
894 * Plugin for Nexpose XML Export 2.0
895 * Added masscan plugin (1.0.3)
896
897 Aug 19, 2015:
898 ---
899 * Exported CSV contains filters and columns from Status Report in WEB UI
900 * Vulnerability counter on Status Report in WEB UI
901 * Added quick vuln edit and delete in WEB UI
902 * Expanded Unit Tests for WEB UI
903 * XML Cleaner
904 * Kali 2.0 support
905 * Improve plugins running status log (Adding log information on report importing)
906 * Clean dev log on plugins
907 * w3af plugin refactoring
908 * Fix Debian 7/8.1 install support
909
910 Aug 05, 2015:
911 ---
912
913 * Added CWE database and integration with vulns creation
914 * Added ENTER shortcut on modals
915 * Progress bar for workspace in the dashboard
916 * Bug fixing in workspaces and status report components
917 * Unit testing for vulns, status report and workspaces components
918 * Debian 8.1 support
919
920
921 Jun 30, 2015:
922 ---
923
924 * Added hosts CRUD
925 * Added services CRUD
926 * Fix ubuntu 15.04 installation bug
927 * Small bug in burp plugin "Import new vulnerabilities" checkbox issue
928 * Added an interactive visualization to calculate the value of a Workspace
929 * Fixed several bugs in WEB UI
930 * Added a URL filter functionality to the status report, allowing searches by fields
931
932
933 Apr 17, 2015:
934 ---
935 * You can get the new version here:
936 * https://github.com/infobyte/faraday/archive/v1.0.10.tar.gz
937
938 Changes:
939
940 * Styles changes in WEB UI: fancy component selection, improved workspaces selection.
941
942 Bugfixes:
943 * Date on Workspace creation
944 * Tables in Firefox
945
946
947 Apr 7, 2015:
948 ---
949 You can get the new version here:
950 * https://github.com/infobyte/faraday/archive/v1.0.9.tar.gz
951
952 Changes:
953
954 * Performance improvement in the dashboard
955 * Fix bug OSX install
956 * Bug fixes
957
958
959 Mar 9, 2015:
960 ---
961 You can get the new version here:
962
963 * https://github.com/infobyte/faraday/archive/v1.0.8.tar.gz
964
965 Changes:
966
967 * WcScan script and plugin (scripts/wcscan.py)
968 * New Dashboard D3 with AngularJS
969 * Easy access to Vulnerability pages in the Status Report
970 * Easy access to the Host pages on the dashboard
971 * Creation and Editing capabilities for the Workspace from the UI Web
972 * Support installation for the latest version of Debian/Ubuntu/Kali
973 * sqlmap version 1.0-dev support updated
974 * API Status Check in both ZSH & QT GUI
975 * Field added for resolution of vulnerabilities classification with plug-ins updated to support the new function.
976 * Field added for rating "ease of resolution" for vulnerabilities
977 * Adjustments for Resolution field
978
979 * New Faraday plugin for Burp. Version 1.2
980 -Corrections for the vulnerabilities duplication for the burp plugin
981 -New tab section to configure the new Vulnerabilities downloads for Faraday
982
983 * Automated backup for couch database
984 * Ability to upload evidence of a vulnerability (as an attachment)
985 * Ability to assign Vulnerability Impact (confidentiality, integrity, availability).
986
987 Dec 12, 2014:
988 ---
989 You can get the new version here:
990
991 * https://github.com/infobyte/faraday/archive/v1.0.7.tar.gz
992
993 Changes:
994
995 * Improved Vulnerability Edition usability, selecting a vuln will load it's content.
996 * ZSH UI now is showing notifications.
997 * ZSH UI now is showing active workspace.
998 * Faraday now asks confirmation on exit, If you have pending conflicts to solve it will show the number of each.
999 * Vulnerability creation is now suported in the status report.
1000 * Introducing SSLCheck, a tool for verify bugs in SSL/TLS Certificates on remote hosts. This is integrated with Faraday with a plugin.
1001 * Shodan Plugin is now working with the new API.
1002 * Some cosmetic changes in the status report.
1003
1004 Bugfixes:
1005
1006 * Sorting collumns in the Status Report now is working.
1007 * Workspace icon is based on the type of the workspace.
1008 * Opening the reports in QT UI now opens the active workspace.
1009 * UI Web dates fixes, we were showing dates with a off-by-one error.
1010 * Vulnerability edition was missing 'critical' severity.
1011 * Objects merge bugfixing
1012 * Metadata recursive save fix
1013
1014
1015
1016 Nov 7, 2014:
1017 ---
1018 You can get the new version here:
1019
1020 * https://github.com/infobyte/faraday/archive/v1.0.6.tar.gz
1021
1022 Changes:
1023
1024 * Status report modifications:
1025 * Web vulnerability edition support.
1026 * Variable columns in status report.
1027 * New field called "Data" with extra information about a vulnerability.
1028 * Bug fixes
1029
1030
1031 Oct 17, 2014:
1032 ----
1033 * https://github.com/infobyte/faraday/commit/a81c6376ed47a2f7b501c8f48f2179eb7c5d58b9
1034
1035 Status report now have edition capabilities
1036 Introducing batch vulnerability edition and deletion. Now you can edit your status report.
1037
1038 Lots of bug fixes
1039
1040 Ubuntu 14.04 support fixes
1041 Mac support fixes
1042
1043
1044 Sep 26, 2014:
1045 ----
1046 * https://github.com/infobyte/faraday/commit/440858ec8172193ce401bbf6a5f4b3052edb6edb
1047
1048 New Dashboard design with summarized information.
1049
1050 D3.js Fancy visualizations.
1051
1052 Vulnerability Status report.
1053
1054 Command run user/host identification.
1055
1056 Vulnerability Statistics.
1057
1058 Optimization Refactor.
1059
1060 Jun 06, 2014:
1061 ----
1062
1063 * https://github.com/infobyte/faraday/commit/e616bdb44b089bfccf2405e51837eeae5d403b9f
1064
1065 Notifications: Updating objets on faraday now results in a beautiful
1066 notification in the QT ui.
1067
1068 Performance: Enhacing performance when lots of workspaces are available.
1069 We now load each workspace whe it's needed instead of loading ahead the
1070 full workspace list.
1071
1072 UI: Workspace split, now you can select the workspace to visualize. We
1073 are now using bootstrap.
1074
1075 API: New operations on the Rest API (this is just for the following UI
1076 modifications). Vulnerability update and delete operations.
1077
1078 May 14, 2014:
1079 ----
1080
1081 * https://github.com/infobyte/faraday/commit/9dfa9ad23dfe450ceb65d38074d55f07425aa90a
1082
1083 Improving (web interface, vulnerability classification)
1084
1085 Apr 30, 2014:
1086 ----
1087
1088 * https://github.com/infobyte/faraday/commit/931865fd4bd9c5fbd1a237b52659b1c873e1fcbf
1089
1090 MacOS Support
1091
1092 Apr 04, 2014:
1093 ----
1094 * https://github.com/infobyte/faraday/commit/0fe6978fe41dc85cd8540c2f26074f3e3f57507f
1095
1096 We are proud to present two new features that will enhace the Faraday experience.
1097 Taking feedback from our users we took account that each of them had particular needs from their consoles (completion, size, fonts, so on so forth) and their need to be able to know what commands where run during an engagement.
1098
1099 * A brand new ZSH based Terminal UI
1100 * The Command Run execution history
+1
-1
CHANGELOG/check_pre_tag.py less more
1111 changelog_folder = Path(__file__).parent
1212 current_folder = changelog_folder / "current"
1313 for file in os.listdir(current_folder):
14 assert file == "keep", file
14 assert file == ".keep", file
1515 version_folder = changelog_folder / version_id
1616 for file in os.listdir(version_folder):
1717 assert file in ["date.md", "community.md", "prof.md", "corp.md"], file
+1
-1
README.md less more
2626 ```shell
2727 $ pip install virtualenv
2828 $ virtualenv faraday_venv
29 $ source faraday_env/bin/activate
29 $ source faraday_venv/bin/activate
3030 $ git clone [email protected]:infobyte/faraday.git
3131 $ cd faraday
3232 $ git clone https://github.com/infobyte/faraday_angular_frontend.git faraday/frontend
+19
-0
RELEASE.md less more
00 New features in the latest update
11 =====================================
22
3
4 3.18.1 [Nov 5th, 2021]:
5 ---
6 Fix CVE issue
7
8 3.18.0 [Oct 21st, 2021]:
9 ---
10 * Remove attachments in vulns filter endpoint
11 * Add open and confirmed vulns in workspace stats
12 * Add migration disabling several notifications.
13 * Add user id to session API endpoint
14 * Add cve to vulnerability model
15 * Change funcs to views
16 * FIX report import
17 * Add `last_run_agent_date` field to workspace endpoint
18 * Fix cve parsing in `vulnerability create` and `bulk create`
19 * ADD check if postgres db is running during server start
20 * Fix order_by in filters api
21 * Fix 500 status code with invalid executor arguments
322
423 3.17.1 [Aug 20th, 2021]:
524 ---
+1
-1
faraday/__init__.py less more
11 # Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
22 # See the file 'doc/LICENSE' for the license information
33
4 __version__ = '3.17.1'
4 __version__ = '3.18.1'
55 __license_version__ = __version__
+2
-1
faraday/manage.py less more
175175 with get_app().app_context():
176176 if db.session.query(User).filter_by(active=True).count() > 0:
177177 print(
178 "Can't create more users. The comumunity edition only allows one user. Please contact support for further information.")
178 "Can't create more users. The community edition only allows one user. "
179 "Please contact support for further information.")
179180 sys.exit(1)
180181
181182 get_app().user_datastore.create_user(username=username,
+52
-0
faraday/migrations/versions/1574fbcf72f5_disable_several_notifications_and_add_event_enabled_flag.py less more
0 """disable several notifications and add event enabled flag
1
2 Revision ID: 1574fbcf72f5
3 Revises: 89115e133f0a
4 Create Date: 2021-09-21 13:46:08.382496+00:00
5
6 """
7 from alembic import op
8 import sqlalchemy as sa
9
10
11 # revision identifiers, used by Alembic.
12 from faraday.server.models import NotificationSubscription, EventType, NotificationSubscriptionWebSocketConfig
13
14 revision = '1574fbcf72f5'
15 down_revision = '89115e133f0a'
16 branch_labels = None
17 depends_on = None
18
19 enabled_notifications = ['new_workspace', 'update_executivereport', 'new_agentexecution', 'new_command', 'new_comment']
20
21
22 def upgrade():
23 bind = op.get_bind()
24 session = sa.orm.Session(bind=bind)
25
26 session.execute("ALTER TABLE event_type ADD COLUMN enabled BOOLEAN DEFAULT true")
27 session.commit()
28
29 events = session.query(EventType).filter(EventType.name.notin_(enabled_notifications)).all()
30 for event in events:
31 event.enabled = False
32
33 notifications = session.query(NotificationSubscriptionWebSocketConfig)\
34 .join(NotificationSubscription).join(EventType).filter(EventType.name.notin_(enabled_notifications)).all()
35 for notification in notifications:
36 notification.active = False
37 session.add(notification)
38 session.commit()
39
40
41 def downgrade():
42 bind = op.get_bind()
43 session = sa.orm.Session(bind=bind)
44
45 op.execute("ALTER TABLE event_type DROP COLUMN enabled")
46
47 notifications = session.query(NotificationSubscriptionWebSocketConfig)\
48 .join(NotificationSubscription).join(EventType).filter(EventType.name.notin_(enabled_notifications)).all()
49 for notification in notifications:
50 notification.active = True
51 session.commit()
+1
-1
faraday/migrations/versions/247a90b029f2_fix_severities_ordering.py less more
00 """Fix severities ordering
11
22 Revision ID: 247a90b029f2
3 Revises: 89115e133f0a
3 Revises: a9fcf8444c79
44 Create Date: 2021-08-02 12:52:34.453541+00:00
55
66 """
+40
-0
faraday/migrations/versions/5d7a930c439e_cve_many_to_many.py less more
0 """cve_many_to_many
1
2 Revision ID: 5d7a930c439e
3 Revises: 18891ca61db6
4 Create Date: 2021-06-02 19:27:34.373988+00:00
5
6 """
7 from alembic import op
8 import sqlalchemy as sa
9
10 # revision identifiers, used by Alembic.
11 revision = '5d7a930c439e'
12 down_revision = '247a90b029f2'
13 branch_labels = None
14 depends_on = None
15
16
17 def upgrade():
18 # ### commands auto generated by Alembic - please adjust! ###
19 op.create_table('cve',
20 sa.Column('id', sa.Integer(), nullable=False),
21 sa.Column('name', sa.String(), nullable=False),
22 sa.Column('year', sa.Integer(), nullable=True),
23 sa.Column('identifier', sa.Integer(), nullable=True),
24 sa.PrimaryKeyConstraint('id')
25 )
26 op.create_table('cve_association',
27 sa.Column('vulnerability_id', sa.Integer(), nullable=False),
28 sa.Column('cve_id', sa.Integer(), nullable=False),
29 sa.ForeignKeyConstraint(['cve_id'], ['cve.id'], ),
30 sa.ForeignKeyConstraint(['vulnerability_id'], ['vulnerability.id'], )
31 )
32 # ### end Alembic commands ###
33
34
35 def downgrade():
36 #
37 op.drop_table('cve_association')
38 op.drop_table('cve')
39 # ### end Alembic commands ###
+66
-0
faraday/migrations/versions/89115e133f0a_add_hosts_notifications.py less more
0 """Add hosts notifications
1
2 Revision ID: 89115e133f0a
3 Revises: 5d7a930c439e
4 Create Date: 2021-07-26 17:18:43.521015+00:00
5
6 """
7 from alembic import op
8 import sqlalchemy as sa
9
10 # revision identifiers, used by Alembic.
11 from faraday.server.models import NotificationSubscription, NotificationSubscriptionWebSocketConfig, User, EventType, \
12 Role
13
14 revision = '89115e133f0a'
15 down_revision = '5d7a930c439e'
16 branch_labels = None
17 depends_on = None
18
19 admin = User.ADMIN_ROLE
20 pentester = User.PENTESTER_ROLE
21 asset_owner = User.ASSET_OWNER_ROLE
22 client = User.CLIENT_ROLE
23
24 notifications_config = [
25 # Host
26 {'roles': [admin, pentester, asset_owner, client],
27 'event_types': ['new_host', 'update_host', 'delete_host']},
28 ]
29
30
31 def upgrade():
32 bind = op.get_bind()
33 session = sa.orm.Session(bind=bind)
34
35 for config in notifications_config:
36 for event_type in config['event_types']:
37 roles = session.query(Role).filter(Role.name.in_(config['roles'])).all()
38 if not roles:
39 raise ValueError(f"Roles {config['roles']} not exist.")
40
41 session.execute(f"INSERT INTO event_type (name) VALUES ('{event_type}')") # nosec
42 event_type_id = session.query(EventType.id).filter(EventType.name == event_type).one()
43 n = NotificationSubscription(event_type_id=event_type_id, allowed_roles=roles)
44
45 ns = NotificationSubscriptionWebSocketConfig(subscription=n,
46 active=True,
47 role_level=True)
48 session.add(ns)
49 session.commit()
50
51
52 def downgrade():
53 bind = op.get_bind()
54 session = sa.orm.Session(bind=bind)
55
56 for config in notifications_config:
57 for event_type in config['event_types']:
58 event_type_id = session.query(EventType.id).filter(EventType.name == event_type).one()
59 subscription = session.query(NotificationSubscription).filter(NotificationSubscription.event_type_id == event_type_id).one()
60 ns = session.query(NotificationSubscriptionWebSocketConfig).filter(NotificationSubscriptionWebSocketConfig.subscription == subscription).one()
61 session.delete(ns)
62 session.delete(subscription)
63 session.commit()
64 name_list = ",".join([f"'{elem}'" for elem in config["event_types"]])
65 session.execute(f'DELETE FROM event_type WHERE name IN ({name_list})') # nosec
+29
-0
faraday/migrations/versions/f28eae25416b_fix_constraint_in_cve_association.py less more
0 """Fix constraint in cve association
1
2 Revision ID: f28eae25416b
3 Revises: 1574fbcf72f5
4 Create Date: 2021-11-04 15:38:26.026998+00:00
5
6 """
7 from alembic import op
8
9 # revision identifiers, used by Alembic.
10 revision = 'f28eae25416b'
11 down_revision = '1574fbcf72f5'
12 branch_labels = None
13 depends_on = None
14
15
16 def upgrade():
17 op.execute('ALTER TABLE cve_association '
18 'DROP constraint cve_association_vulnerability_id_fkey, '
19 'ADD CONSTRAINT cve_association_vulnerability_id_fkey '
20 'FOREIGN KEY (vulnerability_id) REFERENCES vulnerability(id) '
21 'ON DELETE CASCADE')
22
23
24 def downgrade():
25 op.execute('ALTER TABLE cve_association '
26 'DROP constraint cve_association_vulnerability_id_fkey, '
27 'ADD CONSTRAINT cve_association_vulnerability_id_fkey '
28 'FOREIGN KEY (vulnerability_id) REFERENCES vulnerability(id) ')
+6
-3
faraday/server/api/modules/agent.py less more
310310 # VALIDATE
311311 errors = {}
312312 for param_name, param_data in executor_data["args"].items():
313 val_error = type_validate(executor.parameters_metadata[param_name]['type'], param_data)
314 if val_error:
315 errors[param_name] = val_error
313 if executor.parameters_metadata.get(param_name):
314 val_error = type_validate(executor.parameters_metadata[param_name]['type'], param_data)
315 if val_error:
316 errors[param_name] = val_error
317 else:
318 errors['message'] = f'"{param_name}" not recognized as an executor argument'
316319 if errors:
317320 response = jsonify(errors)
318321 response.status_code = 400
+24
-8
faraday/server/api/modules/bulk_create.py less more
00 import logging
1 import re
12 from datetime import datetime, timedelta
23 from typing import Type, Optional
34 import string
3031 VulnerabilityWeb,
3132 AgentExecution,
3233 Workspace,
33 Metadata
34 Metadata,
35 CVE
3436 )
3537 from faraday.server.utils.database import (
3638 get_conflict_object,
357359
358360 vuln_data.pop('_attachments', {})
359361 references = vuln_data.pop('references', [])
362 cve_list = vuln_data.pop('cve', [])
363
360364 policyviolations = vuln_data.pop('policy_violations', [])
361365
362366 vuln_data = vuln_data.copy()
395399 logger.debug("Apply run date to vuln")
396400 vuln.create_date = run_date
397401 db.session.commit()
398 elif not created and ("custom_fields" in vuln_data and any(vuln_data["custom_fields"])):
399 # Updates Custom Fields
400 vuln.custom_fields = vuln_data.pop('custom_fields', {})
401 db.session.commit()
402 elif not created:
403 if "custom_fields" in vuln_data and any(vuln_data["custom_fields"]):
404 # Updates Custom Fields
405 vuln.custom_fields = vuln_data.pop('custom_fields', {})
406 db.session.commit()
402407
403408 if command is not None:
404409 _create_command_object_for(ws, created, vuln, command)
405410
406 def update_vuln(policyviolations, references, vuln):
411 def update_vuln(policyviolations, references, vuln, cve_list):
412
407413 vuln.references = references
408414 vuln.policy_violations = policyviolations
415
416 # parse cve and reference. Should be temporal.
417 parsed_cve_list = []
418 for cve in cve_list:
419 parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper())
420
421 for cve in references:
422 parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper())
423
424 vuln.cve = parsed_cve_list
409425 # TODO attachments
410426 db.session.add(vuln)
411427 db.session.commit()
412428
413429 if created:
414 update_vuln(policyviolations, references, vuln)
430 update_vuln(policyviolations, references, vuln, cve_list)
415431 elif vuln.status == "closed": # Implicit not created
416432 vuln.status = "re-opened"
417 update_vuln(policyviolations, references, vuln)
433 update_vuln(policyviolations, references, vuln, cve_list)
418434
419435
420436 def _create_hostvuln(ws, host, vuln_data, command=None):
+46
-34
faraday/server/api/modules/export_data.py less more
22 from lxml.etree import Element, SubElement, tostring # nosec
33 # We don't use Element for parsing
44 from flask import Blueprint, request, abort, send_file
5
5 from marshmallow import Schema
6
7 from faraday.server.api.base import GenericWorkspacedView
68 from faraday.server.models import Workspace
79
810 export_data_api = Blueprint('export_data_api', __name__)
1012 logger = logging.getLogger(__name__)
1113
1214
13 @export_data_api.route('/v3/ws/<workspace_name>/export_data', methods=['GET'])
14 def export_data(workspace_name):
15 """
16 ---
17 get:
18 tags: ["File","Workspace"]
19 description: Exports all the workspace data in a XML file
20 responses:
21 200:
22 description: Ok
23 """
24
25 workspace = Workspace.query.filter_by(name=workspace_name).first()
26 if not workspace:
27 logger.error("No such workspace. Please, specify a valid workspace.")
28 abort(404, f"No such workspace: {workspace_name}")
29
30 export_format = request.args.get('format', '')
31 if not export_format:
32 logger.error("No format specified. Please, specify the format to export the data.")
33 abort(400, "No format specified.")
34
35 if export_format == 'xml_metasploit':
36 memory_file = xml_metasploit_format(workspace)
37 return send_file(
38 memory_file,
39 attachment_filename=f"Faraday-{workspace_name}-data.xml",
40 as_attachment=True,
41 cache_timeout=-1
42 )
43 else:
44 logger.error("Invalid format. Please, specify a valid format.")
45 abort(400, "Invalid format.")
15 class EmptySchema(Schema):
16 pass
17
18
19 class ExportDataView(GenericWorkspacedView):
20 route_base = 'export_data'
21 schema_class = EmptySchema
22
23 def get(self, workspace_name):
24 """
25 ---
26 get:
27 tags: ["File","Workspace"]
28 description: Exports all the workspace data in a XML file
29 responses:
30 200:
31 description: Ok
32 """
33
34 workspace = Workspace.query.filter_by(name=workspace_name).first()
35 if not workspace:
36 logger.error("No such workspace. Please, specify a valid workspace.")
37 abort(404, f"No such workspace: {workspace_name}")
38
39 export_format = request.args.get('format', '')
40 if not export_format:
41 logger.error("No format specified. Please, specify the format to export the data.")
42 abort(400, "No format specified.")
43
44 if export_format == 'xml_metasploit':
45 memory_file = xml_metasploit_format(workspace)
46 return send_file(
47 memory_file,
48 attachment_filename=f"Faraday-{workspace_name}-data.xml",
49 as_attachment=True,
50 cache_timeout=-1
51 )
52 else:
53 logger.error("Invalid format. Please, specify a valid format.")
54 abort(400, "Invalid format.")
55
56
57 ExportDataView.register(export_data_api)
4658
4759
4860 def xml_metasploit_format(workspace):
+63
-48
faraday/server/api/modules/get_exploits.py less more
55 import logging
66
77 from flask import Blueprint, abort, make_response, jsonify
8 from flask_classful import route
9 from marshmallow import Schema
10
11 from faraday.server.api.base import GenericView
812 from faraday.server.utils.web import gzipped
913
1014 exploits_api = Blueprint('exploits_api', __name__)
1216 logger = logging.getLogger(__name__)
1317
1418
15 @gzipped
16 @exploits_api.route('/v3/vulners/exploits/<cveid>', methods=['GET'])
17 def get_exploits(cveid):
18 """
19 ---
20 get:
21 tags: ["Vulnerability"]
22 description: Use Vulns API to get all exploits available for a specific CVE-ID
23 responses:
24 200:
25 description: Ok
26 """
19 class EmptySchema(Schema):
20 pass
2721
28 logger.debug(
29 f"Request parameters: {flask.request.args!r}")
3022
31 headers = {
32 "Content-Type": "application/json",
33 "Accept": "application/json"}
23 class ExploitsView(GenericView):
24 route_base = 'vulners/exploits'
25 schema_class = EmptySchema
3426
35 response = requests.get(
36 "https://vulners.com/api/v3/search/id/?references=True&id=" + cveid,
37 headers=headers,
38 timeout=3
39 )
27 @gzipped
28 @route('<cveid>', methods=['GET'])
29 def get_exploits(self, cveid):
30 """
31 ---
32 get:
33 tags: ["Vulnerability"]
34 description: Use Vulns API to get all exploits available for a specific CVE-ID
35 responses:
36 200:
37 description: Ok
38 """
4039
41 try:
40 logger.debug(
41 f"Request parameters: {flask.request.args!r}")
4242
43 json_response = {
44 "metasploit": [],
45 "exploitdb": [],
46 "cveid": cveid
47 }
43 headers = {
44 "Content-Type": "application/json",
45 "Accept": "application/json"}
4846
49 if response.status_code == 200:
47 response = requests.get(
48 "https://vulners.com/api/v3/search/id/?references=True&id=" + cveid,
49 headers=headers,
50 timeout=3
51 )
5052
51 obj_response = response.json()
53 try:
5254
53 if obj_response["data"]["references"] is not {}:
55 json_response = {
56 "metasploit": [],
57 "exploitdb": [],
58 "cveid": cveid
59 }
5460
55 metasploit_modules = obj_response["data"]["references"][cveid].get("metasploit", [])
56 exploitdb_modules = obj_response["data"]["references"][cveid].get("exploitdb", [])
61 if response.status_code == 200:
5762
58 for module in metasploit_modules:
59 obj_module = {}
60 obj_module.update({"title": module["title"]})
61 obj_module.update({"id": module["id"]})
62 obj_module.update({"href": module["href"]})
63 json_response["metasploit"].append(obj_module)
63 obj_response = response.json()
6464
65 for module in exploitdb_modules:
66 obj_module = {}
67 obj_module.update({"title": module["title"]})
68 obj_module.update({"id": module["id"]})
69 obj_module.update({"href": module["href"]})
70 json_response["exploitdb"].append(obj_module)
65 if obj_response["data"]["references"] is not {}:
7166
72 except KeyError as ex:
73 abort(make_response(jsonify(message=f'Could not find {str(ex)}'), 400))
67 metasploit_modules = obj_response["data"]["references"][cveid].get("metasploit", [])
68 exploitdb_modules = obj_response["data"]["references"][cveid].get("exploitdb", [])
7469
75 return flask.jsonify(json_response)
70 for module in metasploit_modules:
71 obj_module = {}
72 obj_module.update({"title": module["title"]})
73 obj_module.update({"id": module["id"]})
74 obj_module.update({"href": module["href"]})
75 json_response["metasploit"].append(obj_module)
76
77 for module in exploitdb_modules:
78 obj_module = {}
79 obj_module.update({"title": module["title"]})
80 obj_module.update({"id": module["id"]})
81 obj_module.update({"href": module["href"]})
82 json_response["exploitdb"].append(obj_module)
83
84 except KeyError as ex:
85 abort(make_response(jsonify(message=f'Could not find {str(ex)}'), 400))
86
87 return flask.jsonify(json_response)
88
89
90 ExploitsView.register(exploits_api)
+53
-36
faraday/server/api/modules/info.py less more
33
44 import flask
55 from flask import Blueprint
6 from marshmallow import Schema
67
78 from faraday import __version__ as f_version
9 from faraday.server.api.base import GenericView
810 from faraday.server.config import faraday_server
911 from faraday.settings.dashboard import DashboardSettings
1012
1113 info_api = Blueprint('info_api', __name__)
1214
1315
14 @info_api.route('/v3/info', methods=['GET'])
15 def show_info():
16 """
17 ---
18 get:
19 tags: ["Informational"]
20 description: Gives basic info about the faraday service
21 responses:
22 200:
23 description: Ok
24 """
25
26 response = flask.jsonify({'Faraday Server': 'Running', 'Version': f_version})
27 response.status_code = 200
28
29 return response
16 class EmptySchema(Schema):
17 pass
3018
3119
32 @info_api.route('/config')
33 def get_config():
34 """
35 ---
36 get:
37 tags: ["Informational"]
38 description: Gives basic info about the faraday configuration
39 responses:
40 200:
41 description: Ok
42 """
43 doc = {
44 'ver': f_version,
45 'websocket_port': faraday_server.websocket_port,
46 'show_vulns_by_price': DashboardSettings.settings.show_vulns_by_price,
47 'smtp_enabled': False
48 }
20 class InfoView(GenericView):
21 route_base = 'info'
22 schema_class = EmptySchema
4923
50 return flask.jsonify(doc)
24 def get(self):
25 """
26 ---
27 get:
28 tags: ["Informational"]
29 description: Gives basic info about the faraday service
30 responses:
31 200:
32 description: Ok
33 """
34
35 response = flask.jsonify({'Faraday Server': 'Running', 'Version': f_version})
36 response.status_code = 200
37
38 return response
39
40 get.is_public = True
5141
5242
53 get_config.is_public = True
54 show_info.is_public = True
43 class ConfigView(GenericView):
44 route_base = 'config'
45 route_prefix = ''
46 schema_class = EmptySchema
47
48 def get(self):
49 """
50 ---
51 get:
52 tags: ["Informational"]
53 description: Gives basic info about the faraday configuration
54 responses:
55 200:
56 description: Ok
57 """
58 doc = {
59 'ver': f_version,
60 'websocket_port': faraday_server.websocket_port,
61 'show_vulns_by_price': DashboardSettings.settings.show_vulns_by_price,
62 'smtp_enabled': False
63 }
64
65 return flask.jsonify(doc)
66
67 get.is_public = True
68
69
70 InfoView.register(info_api)
71 ConfigView.register(info_api)
+32
-18
faraday/server/api/modules/session.py less more
55 """
66 from flask import jsonify, Blueprint
77 from flask_wtf.csrf import generate_csrf
8 from faraday.server.api.base import get_user_permissions
8 from marshmallow import Schema
9
10 from faraday.server.api.base import get_user_permissions, GenericView
911 import flask_login
1012
1113 session_api = Blueprint('session_api', __name__)
1214
1315
14 @session_api.route('/session')
15 def session_info():
16 """
17 ---
18 get:
19 tags: ["Informational"]
20 description: Gives info about the current session
21 responses:
22 200:
23 description: Ok
24 """
25 user = flask_login.current_user
26 data = user.get_security_payload()
27 data['csrf_token'] = generate_csrf()
28 data['preferences'] = user.preferences
29 data['permissions'] = get_user_permissions(user)
30 return jsonify(data)
16 class EmptySchema(Schema):
17 pass
18
19
20 class SessionView(GenericView):
21 route_base = 'session'
22 route_prefix = ''
23 schema_class = EmptySchema
24
25 def get(self):
26 """
27 ---
28 get:
29 tags: ["Informational"]
30 description: Gives info about the current session
31 responses:
32 200:
33 description: Ok
34 """
35 user = flask_login.current_user
36 data = user.get_security_payload()
37 data['csrf_token'] = generate_csrf()
38 data['preferences'] = user.preferences
39 data['permissions'] = get_user_permissions(user)
40 data['user_id'] = user.id
41 return jsonify(data)
42
43
44 SessionView.register(session_api)
+99
-85
faraday/server/api/modules/upload_reports.py less more
55 import logging
66 from datetime import datetime
77 import flask_login
8 from flask_classful import route
9 from marshmallow import Schema
810
11 from faraday.server.api.base import GenericWorkspacedView
912 from faraday.server.config import CONST_FARADAY_HOME_PATH
1013 from faraday.server.threads.reports_processor import REPORTS_QUEUE
1114 from flask import (
3033 logger = logging.getLogger(__name__)
3134
3235
33 @gzipped
34 @upload_api.route('/v3/ws/<workspace>/upload_report', methods=['POST'])
35 def file_upload(workspace=None):
36 """
37 ---
38 post:
39 tags: ["Workspace", "File"]
40 description: Upload a report file to create data within the given workspace
41 responses:
42 201:
43 description: Created
44 400:
45 description: Bad request
46 403:
47 description: Forbidden
48 tags: ["Workspace", "File"]
49 responses:
50 200:
51 description: Ok
52 """
53 logger.info("Importing new plugin report in server...")
54 # Authorization code copy-pasted from server/api/base.py
55 ws = Workspace.query.filter_by(name=workspace).first()
56 if not ws or not ws.active:
57 # Don't raise a 403 to prevent workspace name enumeration
58 abort(404, f"Workspace disabled: {workspace}")
36 class EmptySchema(Schema):
37 pass
5938
60 if 'file' not in request.files:
61 abort(400)
6239
63 try:
64 validate_csrf(request.form.get('csrf_token'))
65 except ValidationError:
66 abort(403)
40 class UploadReportView(GenericWorkspacedView):
41 route_base = 'upload_report'
42 schema_class = EmptySchema
6743
68 report_file = request.files['file']
44 @gzipped
45 @route('', methods=['POST'])
46 def file_upload(self, workspace_name=None):
47 """
48 ---
49 post:
50 tags: ["Workspace", "File"]
51 description: Upload a report file to create data within the given workspace
52 responses:
53 201:
54 description: Created
55 400:
56 description: Bad request
57 403:
58 description: Forbidden
59 tags: ["Workspace", "File"]
60 responses:
61 200:
62 description: Ok
63 """
64 logger.info("Importing new plugin report in server...")
65 # Authorization code copy-pasted from server/api/base.py
66 ws = Workspace.query.filter_by(name=workspace_name).first()
67 if not ws or not ws.active:
68 # Don't raise a 403 to prevent workspace name enumeration
69 abort(404, f"Workspace disabled: {workspace_name}")
6970
70 if report_file:
71
72 chars = string.ascii_uppercase + string.digits
73 random_prefix = ''.join(random.choice(chars) for x in range(12)) # nosec
74 raw_report_filename = f'{random_prefix}_{secure_filename(report_file.filename)}'
71 if 'file' not in request.files:
72 abort(400)
7573
7674 try:
77 file_path = CONST_FARADAY_HOME_PATH / 'uploaded_reports' \
78 / raw_report_filename
79 with file_path.open('wb') as output:
80 output.write(report_file.read())
81 except AttributeError:
82 logger.warning(
83 "Upload reports in WEB-UI not configurated, run Faraday client and try again...")
84 abort(make_response(
85 jsonify(message="Upload reports not configurated: Run faraday client and start Faraday server again"),
86 500))
75 validate_csrf(request.form.get('csrf_token'))
76 except ValidationError:
77 abort(403)
78
79 report_file = request.files['file']
80
81 if report_file:
82
83 chars = string.ascii_uppercase + string.digits
84 random_prefix = ''.join(random.choice(chars) for x in range(12)) # nosec
85 raw_report_filename = f'{random_prefix}_{secure_filename(report_file.filename)}'
86
87 try:
88 file_path = CONST_FARADAY_HOME_PATH / 'uploaded_reports' \
89 / raw_report_filename
90 with file_path.open('wb') as output:
91 output.write(report_file.read())
92 except AttributeError:
93 logger.warning(
94 "Upload reports in WEB-UI not configurated, run Faraday client and try again...")
95 abort(make_response(
96 jsonify(message="Upload reports not configurated: Run faraday client and start Faraday server again"),
97 500))
98 else:
99 logger.info(f"Get plugin for file: {file_path}")
100 plugins_manager = PluginsManager(ReportsSettings.settings.custom_plugins_folder)
101 report_analyzer = ReportAnalyzer(plugins_manager)
102 plugin = report_analyzer.get_plugin(file_path)
103 if not plugin:
104 logger.info("Could not get plugin for file")
105 abort(make_response(jsonify(message="Invalid report file"), 400))
106 else:
107 logger.info(
108 f"Plugin for file: {file_path} Plugin: {plugin.id}"
109 )
110 workspace_instance = Workspace.query.filter_by(
111 name=workspace_name).one()
112 command = Command()
113 command.workspace = workspace_instance
114 command.start_date = datetime.utcnow()
115 command.import_source = 'report'
116 # The data will be updated in the bulk_create function
117 command.tool = "In progress"
118 command.command = "In progress"
119
120 db.session.add(command)
121 db.session.commit()
122
123 REPORTS_QUEUE.put(
124 (
125 workspace_instance.name,
126 command.id,
127 file_path,
128 plugin.id,
129 flask_login.current_user.id
130 )
131 )
132 return make_response(
133 jsonify(message="ok", command_id=command.id),
134 200
135 )
87136 else:
88 logger.info(f"Get plugin for file: {file_path}")
89 plugins_manager = PluginsManager(ReportsSettings.settings.custom_plugins_folder)
90 report_analyzer = ReportAnalyzer(plugins_manager)
91 plugin = report_analyzer.get_plugin(file_path)
92 if not plugin:
93 logger.info("Could not get plugin for file")
94 abort(make_response(jsonify(message="Invalid report file"), 400))
95 else:
96 logger.info(
97 f"Plugin for file: {file_path} Plugin: {plugin.id}"
98 )
99 workspace_instance = Workspace.query.filter_by(
100 name=workspace).one()
101 command = Command()
102 command.workspace = workspace_instance
103 command.start_date = datetime.utcnow()
104 command.import_source = 'report'
105 # The data will be updated in the bulk_create function
106 command.tool = "In progress"
107 command.command = "In progress"
137 abort(make_response(jsonify(message="Missing report file"), 400))
108138
109 db.session.add(command)
110 db.session.commit()
111139
112 REPORTS_QUEUE.put(
113 (
114 workspace_instance.name,
115 command.id,
116 file_path,
117 plugin.id,
118 flask_login.current_user.id
119 )
120 )
121 return make_response(
122 jsonify(message="ok", command_id=command.id),
123 200
124 )
125 else:
126 abort(make_response(jsonify(message="Missing report file"), 400))
140 UploadReportView.register(upload_api)
+25
-6
faraday/server/api/modules/vulns.py less more
44 import io
55 import json
66 import logging
7 import re
78 from base64 import b64encode, b64decode
89 from json.decoder import JSONDecodeError
910 from pathlib import Path
4647 VulnerabilityWeb,
4748 CustomFieldsSchema,
4849 VulnerabilityGeneric,
49 User
50 User,
51 CVE
5052 )
5153 from faraday.server.utils.database import get_or_create
5254 from faraday.server.utils.export import export_vulns_to_csv
105107 return obj.tool
106108 else:
107109 return obj.creator_command_tool or 'Web UI'
110
111
112 class CVESchema(AutoSchema):
113 name = fields.String()
108114
109115
110116 class VulnerabilitySchema(AutoSchema):
121127 attribute='policy_violations')
122128 refs = fields.List(fields.String(), attribute='references')
123129 owasp = fields.Method(serialize='get_owasp_refs', default=[])
124 cve = fields.Method(serialize='get_cve_refs', default=[])
130 cve = fields.List(fields.String(), attribute='cve')
125131 cwe = fields.Method(serialize='get_cwe_refs', default=[])
126132 cvss = fields.Method(serialize='get_cvss_refs', default=[])
127133 issuetracker = fields.Method(serialize='get_issuetracker', dump_only=True)
183189 def get_cwe_refs(self, obj):
184190 return [reference for reference in obj.references if 'cwe' in reference.lower()]
185191
186 def get_cve_refs(self, obj):
187 return [reference for reference in obj.references if 'cve' in reference.lower()]
188
189192 def get_cvss_refs(self, obj):
190193 return [reference for reference in obj.references if 'cvss' in reference.lower()]
191194
509512 attachments = data.pop('_attachments', {})
510513 references = data.pop('references', [])
511514 policyviolations = data.pop('policy_violations', [])
515 cve_list = data.pop('cve', [])
516
512517 try:
513518 obj = super()._perform_create(data, **kwargs)
514519 except TypeError:
518523
519524 obj.references = references
520525 obj.policy_violations = policyviolations
526
527 # parse cve and reference. Should be temporal.
528 parsed_cve_list = []
529 for cve in cve_list:
530 parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper())
531
532 for cve in references:
533 parsed_cve_list += re.findall(CVE.CVE_PATTERN, cve.upper())
534
535 obj.cve = parsed_cve_list
536
537 db.session.flush()
538
521539 if not obj.tool:
522540 if obj.creator_command_tool:
523541 obj.tool = obj.creator_command_tool
553571 def _update_object(self, obj, data, **kwargs):
554572 data.pop('type', '') # It's forbidden to change vuln type!
555573 data.pop('tool', '')
574
556575 return super()._update_object(obj, data)
557576
558577 def _perform_update(self, object_id, obj, data, workspace_name=None, partial=False):
845864 flask.abort(400, "Invalid filters")
846865
847866 workspace = self._get_workspace(workspace_name)
848 marshmallow_params = {'many': True, 'context': {}}
867 marshmallow_params = {'many': True, 'context': {}, 'exclude': ('_attachments', )}
849868 if 'group_by' not in filters:
850869 offset = None
851870 limit = None
+70
-51
faraday/server/api/modules/workspaces.py less more
1616 from sqlalchemy.orm.exc import NoResultFound
1717
1818
19 from faraday.server.models import db, Workspace, _make_vuln_count_property, Vulnerability, \
20 _make_active_agents_count_property, count_vulnerability_severities
19 from faraday.server.models import (db,
20 Workspace,
21 _make_vuln_count_property,
22 Vulnerability,
23 _make_active_agents_count_property,
24 count_vulnerability_severities,
25 _last_run_agent_date)
2126 from faraday.server.schemas import (
2227 JSTimestampField,
2328 MutableField,
3439 class WorkspaceSummarySchema(Schema):
3540 credentials = fields.Integer(dump_only=True, attribute='credential_count')
3641 hosts = fields.Integer(dump_only=True, attribute='host_count')
37 services = fields.Integer(dump_only=True,
38 attribute='total_service_count')
39 web_vulns = fields.Integer(dump_only=True, allow_none=False,
40 attribute='vulnerability_web_count')
41 code_vulns = fields.Integer(dump_only=True, allow_none=False,
42 attribute='vulnerability_code_count')
43 std_vulns = fields.Integer(dump_only=True, allow_none=False,
44 attribute='vulnerability_standard_count')
45 critical_vulns = fields.Integer(dump_only=True, allow_none=False,
46 attribute='vulnerability_critical_count')
47 info_vulns = fields.Integer(dump_only=True, allow_none=False,
48 attribute='vulnerability_informational_count')
49 high_vulns = fields.Integer(dump_only=True, allow_none=False,
50 attribute='vulnerability_high_count')
51 medium_vulns = fields.Integer(dump_only=True, allow_none=False,
52 attribute='vulnerability_medium_count')
53 low_vulns = fields.Integer(dump_only=True, allow_none=False,
54 attribute='vulnerability_low_count')
55 unclassified_vulns = fields.Integer(dump_only=True, allow_none=False,
56 attribute='vulnerability_unclassified_count')
57 total_vulns = fields.Integer(dump_only=True, allow_none=False,
58 attribute='vulnerability_total_count')
42 services = fields.Integer(dump_only=True, attribute='total_service_count')
43 web_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_web_count')
44 code_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_code_count')
45 std_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_standard_count')
46 opened_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_open_count')
47 confirmed_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_confirmed_count')
48 critical_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_critical_count')
49 info_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_informational_count')
50 high_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_high_count')
51 medium_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_medium_count')
52 low_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_low_count')
53 unclassified_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_unclassified_count')
54 total_vulns = fields.Integer(dump_only=True, allow_none=False, attribute='vulnerability_total_count')
5955
6056
6157 class WorkspaceDurationSchema(Schema):
8480 )
8581 active = fields.Boolean()
8682
87 create_date = fields.DateTime(attribute='create_date',
88 dump_only=True)
89
90 update_date = fields.DateTime(attribute='update_date',
91 dump_only=True)
92
83 create_date = fields.DateTime(attribute='create_date', dump_only=True)
84 update_date = fields.DateTime(attribute='update_date', dump_only=True)
9385 active_agents_count = fields.Integer(dump_only=True)
86 last_run_agent_date = fields.DateTime(dump_only=True, attribute='last_run_agent_date')
9487
9588 class Meta:
9689 model = Workspace
9790 fields = ('_id', 'id', 'customer', 'description', 'active',
9891 'duration', 'name', 'public', 'scope', 'stats',
9992 'create_date', 'update_date', 'readonly',
100 'active_agents_count')
93 'active_agents_count', 'last_run_agent_date')
10194
10295 @post_load
10396 def post_load_duration(self, data, **kwargs):
219212 if active is not None:
220213 query = query.filter_by(active=active)
221214 query = query.options(
222 with_expression(
223 Workspace.vulnerability_web_count,
224 _make_vuln_count_property('vulnerability_web',
215 with_expression(
216 Workspace.vulnerability_web_count,
217 _make_vuln_count_property('vulnerability_web',
225218 confirmed=confirmed,
226219 extra_query=extra_query,
227220 use_column_property=False),
228 ),
229 with_expression(
230 Workspace.vulnerability_standard_count,
231 _make_vuln_count_property('vulnerability',
221 ),
222 with_expression(
223 Workspace.vulnerability_standard_count,
224 _make_vuln_count_property('vulnerability',
232225 confirmed=confirmed,
233226 extra_query=extra_query,
234227 use_column_property=False)
235 ),
236 with_expression(
237 Workspace.vulnerability_total_count,
238 _make_vuln_count_property(type_=None,
228 ),
229 with_expression(
230 Workspace.vulnerability_total_count,
231 _make_vuln_count_property(type_=None,
239232 confirmed=confirmed,
240233 extra_query=extra_query,
241234 use_column_property=False)
242 ),
243 with_expression(
244 Workspace.vulnerability_code_count,
245 _make_vuln_count_property('vulnerability_code',
235 ),
236 with_expression(
237 Workspace.vulnerability_code_count,
238 _make_vuln_count_property('vulnerability_code',
246239 extra_query=extra_query,
247240 use_column_property=False),
248 ),
249 with_expression(
250 Workspace.active_agents_count,
251 _make_active_agents_count_property(),
252 ),
241 ),
242 with_expression(
243 Workspace.active_agents_count,
244 _make_active_agents_count_property(),
245 ),
246 with_expression(
247 Workspace.last_run_agent_date,
248 _last_run_agent_date(),
249 ),
250 )
251
252 # extra_query contains status filter
253 if not extra_query or status == 'open':
254 query = query.options(
255 with_expression(Workspace.vulnerability_open_count,
256 _make_vuln_count_property(None,
257 extra_query=" status='open' ",
258 use_column_property=False),
259 )
253260 )
261
262 if confirmed is not False:
263 query = query.options(
264 with_expression(
265 Workspace.vulnerability_confirmed_count,
266 _make_vuln_count_property(None,
267 confirmed=True,
268 extra_query=extra_query,
269 use_column_property=False)
270 )
271 )
272
254273 query = count_vulnerability_severities(query, Workspace, status=status, confirmed=confirmed, all_severities=True)
255274
256275 try:
+18
-3
faraday/server/commands/initdb.py less more
159159 'event_types': ['new_vulnerabilityweb', 'update_vulnerabilityweb', 'delete_vulnerabilityweb']},
160160 # Comments
161161 {'roles': [admin, pentester, asset_owner, client], 'event_types': ['new_comment']},
162 # Comments
163 {'roles': [admin, pentester, asset_owner, client],
164 'event_types': ['new_host', 'update_host', 'delete_host']},
162165 ]
163166
164167 event_types = [('new_workspace', False),
181184 ('delete_vulnerability', False),
182185 ('new_vulnerabilityweb', False),
183186 ('update_vulnerabilityweb', False),
184 ('delete_vulnerabilityweb', False)]
187 ('delete_vulnerabilityweb', False),
188 ('new_host', False),
189 ('update_host', False),
190 ('delete_host', False)
191 ]
192
193 default_initial_enabled_notifications_config = ['new_workspace', 'update_executivereport', 'new_agentexecution', 'new_command', 'new_comment']
185194
186195 for event_type in event_types:
187 event_type_obj = EventType(name=event_type[0], async_event=event_type[1])
196 enabled = False
197 if event_type[0] in default_initial_enabled_notifications_config:
198 enabled = True
199 event_type_obj = EventType(name=event_type[0], async_event=event_type[1], enabled=enabled)
188200 db.session.add(event_type_obj)
189201
190202 object_types = ['vulnerability',
214226 n = NotificationSubscription(event_type=event_type_obj, allowed_roles=allowed_roles_objs)
215227 db.session.add(n)
216228 db.session.commit()
217 ns = NotificationSubscriptionWebSocketConfig(subscription=n, active=True, role_level=True)
229 active = False
230 if event_type in default_initial_enabled_notifications_config:
231 active = True
232 ns = NotificationSubscriptionWebSocketConfig(subscription=n, active=active, role_level=True)
218233 db.session.add(ns)
219234 db.session.commit()
220235
+65
-2
faraday/server/models.py less more
2222 UniqueConstraint,
2323 event,
2424 Table,
25 literal,
2526 )
2627 from sqlalchemy.exc import IntegrityError
2728 from sqlalchemy.orm import relationship
153154 # I suppose that we're using PostgreSQL, that can't compare
154155 # booleans with integers
155156 query = query.where(text('agent.active = true'))
157
158 return query
159
160
161 def _last_run_agent_date():
162 query = select([text('executor.last_run')])
163
164 from_clause = table('executor')\
165 .join(Agent, text('executor.agent_id = agent.id'))\
166 .join(text('association_workspace_and_agents_table'),
167 text('agent.id = association_workspace_and_agents_table.agent_id '
168 'and association_workspace_and_agents_table.workspace_id = workspace.id'))
169 query = query.select_from(from_clause).where(text('executor.last_run is not null')).order_by(Executor.last_run.desc()).limit(1)
156170
157171 return query
158172
604618
605619 def _build_associationproxy_creator_non_workspaced(model_class_name):
606620 def creator(name, vulnerability):
607 """Get or create a reference/policyviolation with the
608 corresponding name. This must be workspace aware"""
621 """Get or create a reference/policyviolation/CVE with the
622 corresponding name. This is not workspace aware"""
609623
610624 # Ugly hack to avoid the fact that Reference is defined after
611625 # Vulnerability
983997 child_field='name')
984998
985999
1000 cve_vulnerability_association = db.Table('cve_association',
1001 Column('vulnerability_id', Integer, db.ForeignKey('vulnerability.id', ondelete='CASCADE'), nullable=False),
1002 Column('cve_id', Integer, db.ForeignKey('cve.id'), nullable=False)
1003 )
1004
1005
1006 class CVE(db.Model):
1007 __tablename__ = 'cve'
1008
1009 CVE_PATTERN = r'CVE-\d{4}-\d{4,7}'
1010
1011 id = Column(Integer, primary_key=True)
1012 name = Column(String(24), unique=True)
1013 year = Column(Integer, nullable=True)
1014 identifier = Column(Integer, nullable=True)
1015
1016 # TODO: add customer inserted flag
1017 # Other fields TBD
1018
1019 vulnerabilities = relationship("VulnerabilityGeneric", secondary=cve_vulnerability_association)
1020
1021 def __str__(self):
1022 return f'{self.id}'
1023
1024 def __init__(self, name=None, **kwargs):
1025 logger.debug("cve found %s", name)
1026 try:
1027 name = name.upper()
1028 _, year, identifier = name.split("-")
1029 super().__init__(name=name, year=year, identifier=identifier, **kwargs)
1030 except ValueError:
1031 logger.error("Invalid cve format. Should be CVE-YEAR-ID.")
1032 raise ValueError("Invalid cve format. Should be CVE-YEAR-NUMBERID.")
1033
1034
9861035 class Service(Metadata):
9871036 STATUSES = [
9881037 'open',
10981147 backref=backref('vulnerabilities', cascade="all, delete-orphan", passive_deletes=True)
10991148 )
11001149
1150 cve_instances = relationship("CVE",
1151 secondary=cve_vulnerability_association,
1152 lazy="joined",
1153 collection_class=set)
1154
1155 cve = association_proxy('cve_instances',
1156 'name',
1157 proxy_factory=CustomAssociationSet,
1158 creator=_build_associationproxy_creator_non_workspaced('CVE'))
1159
11011160 reference_instances = relationship(
11021161 "Reference",
11031162 secondary="reference_vulnerability_association",
15721631 vulnerability_standard_count = query_expression()
15731632 vulnerability_total_count = query_expression()
15741633 active_agents_count = query_expression()
1634 last_run_agent_date = query_expression()
1635 vulnerability_open_count = query_expression(literal(0))
1636 vulnerability_confirmed_count = query_expression(literal(0))
15751637
15761638 vulnerability_informational_count = query_expression()
15771639 vulnerability_medium_count = query_expression()
21292191 id = Column(Integer, primary_key=True)
21302192 name = Column(String(64), unique=True, nullable=False)
21312193 async_event = Column(Boolean, default=False)
2194 enabled = Column(Boolean, default=True)
21322195
21332196
21342197 allowed_roles_association = db.Table('notification_allowed_roles',
+1
-1
faraday/server/utils/search.py less more
598598 field = getattr(relation_model, field_name_in_relation)
599599 direction = getattr(field, val.direction)
600600 if relation_model not in joined_models:
601 query = query.join(*joined_models)
601 query = query.join(relation_model, isouter=True)
602602 joined_models.add(relation_model)
603603 query = query.order_by(direction())
604604 else:
+12
-0
faraday/start_server.py less more
66 import argparse
77 import logging
88
9 import psycopg2
910 from alembic.runtime.migration import MigrationContext
1011
1112 from colorama import init, Fore
101102 )
102103
103104
105 def check_if_db_up():
106 try:
107 conn = psycopg2.connect(dbname="postgres")
108 conn.close()
109 except psycopg2.OperationalError as e:
110 if "could not connect to server" in e.args[0]:
111 print("\n\nCould not ping the Postgres server, please check if it is running \n\n")
112 sys.exit(1)
113
114
104115 def main():
105116 os.chdir(faraday.server.config.FARADAY_BASE)
117 # check_if_db_up()
106118 check_alembic_version()
107119 # TODO RETURN TO prev CWD
108120 check_postgresql()
+10
-0
pynixify/nixpkgs.nix less more
4040 };
4141 python38 =
4242 super.python38.override {
43 inherit
44 packageOverrides;
45 };
46 python39 =
47 super.python39.override {
48 inherit
49 packageOverrides;
50 };
51 python310 =
52 super.python310.override {
4353 inherit
4454 packageOverrides;
4555 };
+2
-2
pynixify/packages/anyascii/default.nix less more
1010 pname =
1111 "anyascii";
1212 version =
13 "0.2.0";
13 "0.3.0";
1414
1515 src =
1616 fetchPypi {
1818 pname
1919 version;
2020 sha256 =
21 "1b6jdd9nx15py0jqjdn154m6m491517sqlk57bbyj3x4xzywadkh";
21 "14xmf2xz99gdmyzal7xwc997l05siipvcpqj6cxckik4zcqp9wi4";
2222 };
2323
2424 # TODO FIXME
+2
-8
pynixify/packages/bidict/default.nix less more
44 { buildPythonPackage
55 , fetchPypi
66 , lib
7 , setuptools_scm
87 }:
98
109 buildPythonPackage rec {
1110 pname =
1211 "bidict";
1312 version =
14 "0.21.2";
13 "0.21.4";
1514
1615 src =
1716 fetchPypi {
1918 pname
2019 version;
2120 sha256 =
22 "02dy0b1k7qlhn7ajyzkrvxhyhjj0hzcq6ws3zjml9hkdz5znz92g";
21 "0vwz0xd9vr2l9j2alx1lipbxrkkwxbllnfq7ys58kppqwvxlzj22";
2322 };
24
25 buildInputs =
26 [
27 setuptools_scm
28 ];
2923
3024 # TODO FIXME
3125 doCheck =
+2
-2
pynixify/packages/bleach/default.nix less more
1313 pname =
1414 "bleach";
1515 version =
16 "4.0.0";
16 "4.1.0";
1717
1818 src =
1919 fetchPypi {
2121 pname
2222 version;
2323 sha256 =
24 "1j3wnrzk5p4n6avbpjz2spw0rpbf6rrk9hzwa369k4y2d8f25agz";
24 "1nkibazmw1ry4cfxs9qrkkidxdf2z1hh1b20xq1ahqdsgsrxh009";
2525 };
2626
2727 propagatedBuildInputs =
+2
-2
pynixify/packages/click/default.nix less more
1111 pname =
1212 "click";
1313 version =
14 "8.0.1";
14 "8.0.3";
1515
1616 src =
1717 fetchPypi {
1919 pname
2020 version;
2121 sha256 =
22 "0ymdyf37acq4qxh038q0xx44qgj6y2kf0jd0ivvix6qij88w214c";
22 "0nybbsgaff8ihfh74nhmng6qj74pfpg99njc7ivysphg0lmr63j1";
2323 };
2424
2525 propagatedBuildInputs =
+2
-2
pynixify/packages/faraday-agent-parameters-types/default.nix less more
1313 pname =
1414 "faraday-agent-parameters-types";
1515 version =
16 "1.0.1";
16 "1.0.2";
1717
1818 src =
1919 fetchPypi {
2222 pname =
2323 "faraday_agent_parameters_types";
2424 sha256 =
25 "0q2cngxgkvl74mhkibvdsvjjrdfd7flxd6a4776wmxkkn0brzw66";
25 "0dw2s7lyg9s1qjj6yrn5hxpasbb32qg89pcfsv4vv47yla9djzyc";
2626 };
2727
2828 buildInputs =
+2
-2
pynixify/packages/faraday-plugins/default.nix less more
2020 pname =
2121 "faraday-plugins";
2222 version =
23 "1.5.2";
23 "1.5.5";
2424
2525 src =
2626 fetchPypi {
2828 pname
2929 version;
3030 sha256 =
31 "09gr3gsipnfvm222bj20n77hrys4gk57i30r9llj72hiicm2bb4k";
31 "1dw7j8zfa8j9m0qcpyzl6k0z29k3j5i90lyfg2zapwkpalkgx0d1";
3232 };
3333
3434 propagatedBuildInputs =
+1
-1
pynixify/packages/faradaysec/default.nix less more
6464 pname =
6565 "faradaysec";
6666 version =
67 "3.17.0";
67 "3.18.1";
6868
6969 src =
7070 lib.cleanSource
+2
-2
pynixify/packages/flask-security-too/default.nix less more
1818 pname =
1919 "flask-security-too";
2020 version =
21 "4.1.0";
21 "4.1.2";
2222
2323 src =
2424 fetchPypi {
2727 pname =
2828 "Flask-Security-Too";
2929 sha256 =
30 "109h08p0sljkspqay6i970hqbdwcnp7z59ql9nz0cdyg6m2czpk8";
30 "16ws5n08vm7wsa2f7lrkxvc7jl3ah1xfylhhyzb4vvqmlk7x9hw8";
3131 };
3232
3333 propagatedBuildInputs =
+2
-2
pynixify/packages/python-engineio/default.nix less more
1010 pname =
1111 "python-engineio";
1212 version =
13 "4.2.1";
13 "4.3.0";
1414
1515 src =
1616 fetchPypi {
1818 pname
1919 version;
2020 sha256 =
21 "0qps2bhis0ms8pbncsx6xwnyd6k5ffy5hbw68wjndmcfdndk446m";
21 "04fviy92zf8fcpkjnfnsch1phl2sssnhrvq5zkqm67x2rzm5xlzy";
2222 };
2323
2424 # TODO FIXME
+2
-2
pynixify/packages/python-socketio/default.nix less more
1212 pname =
1313 "python-socketio";
1414 version =
15 "5.4.0";
15 "5.4.1";
1616
1717 src =
1818 fetchPypi {
2020 pname
2121 version;
2222 sha256 =
23 "0i15p94b592aa2h3vn3zs9qc8izv6kc4vmhjlkg9d3hn3yg7r06a";
23 "1c17cvm91map3rbgl5156y6zwzz2wyqvm31298a23d7bvwyjfkpg";
2424 };
2525
2626 propagatedBuildInputs =
+2
-2
pynixify/packages/webargs/default.nix less more
1111 pname =
1212 "webargs";
1313 version =
14 "8.0.0";
14 "8.0.1";
1515
1616 src =
1717 fetchPypi {
1919 pname
2020 version;
2121 sha256 =
22 "0xy6na8axc5wnp2wg3kvqbpl2iv0hx0rsnlrmrgkgp88znx6cmjn";
22 "052nard38lki662fqydlyip242n9i8w04yyh1axwz5zfa0i05kmw";
2323 };
2424
2525 propagatedBuildInputs =
+0
-2
scripts/cscan/CHANGES.txt less more
0 * v1.0.0 (09/23/15):
1 * First release cscan tool
+0
-5
scripts/cscan/README.md less more
0 # cscan
1 Faraday Continuous Scanning
2
3 More information:
4 [http://blog.infobytesec.com/2015/09/faraday-continuous-scanning.html] (http://blog.infobytesec.com/2015/09/faraday-continuous-scanning.html)
+0
-121
scripts/cscan/cscan.py less more
0 #!/usr/bin/env python
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7 from __future__ import print_function
8 import subprocess
9 import os
10 import argparse
11 import time
12 import shutil
13 from pprint import pprint
14 from configparser import ConfigParser, NoSectionError, NoOptionError
15 #from config import config
16
17 def setup_config_path():
18 path = os.path.dirname(os.path.abspath(__file__))
19 file_path = os.path.expanduser("~/.faraday/config/cscan_conf.ini")
20
21 if os.path.exists(file_path):
22 return file_path
23
24 else:
25 # TODO check if folders exist and if not create them
26 path = os.path.join(path,"cscan_conf.ini")
27 shutil.copy(path, file_path)
28 return file_path
29
30 def init_config():
31 file_path = setup_config_path()
32 conf_parser = ConfigParser()
33 conf_parser.read(file_path)
34 config = {}
35
36 for section in conf_parser.sections():
37 for option in conf_parser.options(section):
38 config[option.upper()] = (conf_parser.get(section, option))
39 return config
40
41 def lockFile(lockfile):
42 if os.path.isfile(lockfile):
43 return False
44 else:
45 f = open(lockfile, 'w')
46 f.close()
47 return True
48
49 def target_list(script, categories):
50 dictionary = {
51 "network": "ips.txt",
52 "web": "websites.txt",
53 "extra": "ips.txt"
54 }
55
56 category = 'network'
57 for c in categories:
58 if os.path.exists(os.path.join('scripts', c, script)):
59 return dictionary[c]
60
61 def main():
62 lockf = ".lock.pod"
63 if not lockFile(lockf):
64 print("You can run only one instance of cscan (%s)" % lockf)
65 exit(0)
66
67 config = init_config()
68 my_env = os.environ
69 env = config.copy()
70 env.update(my_env)
71
72
73 parser = argparse.ArgumentParser(description='continues scanning on Faraday')
74 parser.add_argument('-s','--script', help='Scan only the following script ej: ./cscan.py -p nmap.sh', required=False)
75 parser.add_argument('-S','--scripts', help='Scan the following scripts list ej: ./cscan.py -p nmap.sh,nikto.sh', required=False)
76 parser.add_argument('-c','--category', help='Scan only for given category ej: ./cscan.py -c network', required=False)
77 parser.add_argument('-t','--targets', help='Choose a custom target list ej: ./cscan.py -t custom-list.txt', required=False)
78 parser.add_argument('-o','--output', help='Choose a custom output directory', required=False)
79 parser.add_argument('-l','--log', help='Choose a custom log directory', required=False)
80 args = parser.parse_args()
81
82 output = 'output/'
83 if args.output:
84 output = args.output
85
86 logdir = 'log/'
87 if args.log:
88 logdir = args.log
89
90 for d in [logdir, output]:
91 if not os.path.isdir(d):
92 os.makedirs(d)
93
94 if args.script:
95 scripts = [args.script]
96 elif args.scripts:
97 scripts = args.scripts.split(",")
98 else:
99 scripts = env["CS_SCRIPTS"].split(",")
100
101 categories = env["CS_CATEGORIES"].split(",")
102 for category in categories:
103 env["PATH"] += ":%s" % os.path.abspath("./scripts/" + category)
104
105 for script in scripts:
106 if args.targets:
107 targets = args.targets
108 else:
109 targets = target_list(script, categories)
110
111 cmd = "%s %s %s %s" % (script, targets, output, logdir)
112 print("\n\nRunning: %s" % cmd)
113 proc = subprocess.call(cmd, shell=True, stdin=None, env=dict(env))
114
115 #Remove lockfile
116 os.remove(lockf)
117
118 if __name__ == "__main__":
119 main()
120 # I'm Py3
+0
-45
scripts/cscan/cscan_conf.ini less more
0 ###
1 ## Faraday Penetration Test IDE
2 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
3 ## See the file doc/LICENSE for the license information
4 ###
5
6 [Default setup]
7 CS_CATEGORIES: network,web
8 CS_SCRIPTS: nmap.sh,openvas.sh,nikto.sh,nessus.sh,w3af.sh
9
10 [NMAP]
11 CS_NMAP : nmap
12 CS_NMAP_ARGS : -O
13
14 [OPENVAS]
15 CS_OPENVAS_USER : admin
16 CS_OPENVAS_PASSWORD : openvas
17 CS_OPENVAS_SCAN_CONFIG : Full and fast
18 CS_OPENVAS_ALIVE_TEST : ICMP, TCP-ACK Service &amp; ARP Ping
19 CS_OPENVAS : omp
20
21 [BURP]
22 CS_BURP : /root/tools/burpsuite_pro_v1.6.26.jar
23
24 [NIKTO]
25 CS_NIKTO : nikto
26 CS_NIKTO_ARGS :
27
28 [W3AF]
29 CS_W3AF : /root/tools/w3af/w3af_api
30 CS_W3AF_PROFILE : /root/tools/w3af/profiles/fast_scan.pw3af
31
32 [ZAP]
33 CS_ZAP : /root/tools/zap/ZAP_D-2015-08-24/zap.sh
34
35 [NESSUS]
36 CS_NESSUS_URL : https://127.0.0.1:8834
37 CS_NESSUS_USER : nessus
38 CS_NESSUS_PASS : nessus
39 CS_NESSUS_PROFILE : Basic Network Scan
40
41 [MSFRPC]
42 CS_MSF_TMP_WS : enabled
43 CS_MSF_EXPORT : enabled
44
+0
-1
scripts/cscan/ips.txt less more
0 127.0.0.1
+0
-129
scripts/cscan/plugin/carbonator/carbonator.py less more
0 # Created by Blake Cornell, CTO, Integris Security LLC
1 # Integris Security Carbonator - Beta Version - v1.2
2 # Released under GPL Version 2 license.
3 #
4 # See the INSTALL file for installation instructions.
5 #
6 # For more information contact us at carbonator at integrissecurity dot com
7 # Or visit us at https://www.integrissecurity.com/
8
9 from burp import IBurpExtender
10 from burp import IHttpListener
11 from burp import IScannerListener
12 from java.net import URL
13 from java.io import File
14
15 import time
16
17 class BurpExtender(IBurpExtender, IHttpListener, IScannerListener):
18 def registerExtenderCallbacks(self, callbacks):
19 self._callbacks = callbacks
20 self._callbacks.setExtensionName("Carbonator")
21 self._helpers = self._callbacks.getHelpers()
22 self.clivars = None
23
24 self.spider_results=[]
25 self.scanner_results=[]
26 self.packet_timeout=5
27
28 self.last_packet_seen= int(time.time()) #initialize the start of the spider/scan
29
30 if not self.processCLI():
31 return None
32 else:
33 self.clivars = True
34
35 print("Initiating Carbonator Against: ", str(self.url))
36 #add to scope if not already in there.
37 if self._callbacks.isInScope(self.url) == 0:
38 self._callbacks.includeInScope(self.url)
39
40 #added to ensure that the root directory is scanned
41 base_request = str.encode(str("GET "+self.path+" HTTP/1.1\nHost: "+self.fqdn+"\n\n"))
42 if(self.scheme == 'HTTPS'):
43 print(self._callbacks.doActiveScan(self.fqdn,self.port,1,base_request))
44 else:
45 print(self._callbacks.doActiveScan(self.fqdn,self.port,0,base_request))
46
47 self._callbacks.sendToSpider(self.url)
48 self._callbacks.registerHttpListener(self)
49 self._callbacks.registerScannerListener(self)
50
51 while int(time.time())-self.last_packet_seen <= self.packet_timeout:
52 time.sleep(1)
53 print("No packets seen in the last", self.packet_timeout, "seconds.")
54 print("Removing Listeners")
55 self._callbacks.removeHttpListener(self)
56 self._callbacks.removeScannerListener(self)
57 self._callbacks.excludeFromScope(self.url)
58
59 print("Generating Report")
60 self.generateReport(self.rtype)
61 print("Report Generated")
62 print("Closing Burp in", self.packet_timeout, "seconds.")
63 time.sleep(self.packet_timeout)
64
65 if self.clivars:
66 self._callbacks.exitSuite(False)
67
68 return
69
70 def processHttpMessage(self, tool_flag, isRequest, current):
71 self.last_packet_seen = int(time.time())
72 if tool_flag == self._callbacks.TOOL_SPIDER and isRequest: #if is a spider request then send to scanner
73 self.spider_results.append(current)
74 print("Sending new URL to Vulnerability Scanner: URL #",len(self.spider_results))
75 if self.scheme == 'https':
76 self._callbacks.doActiveScan(self.fqdn,self.port,1,current.getRequest()) #returns scan queue, push to array
77 else:
78 self._callbacks.doActiveScan(self.fqdn,self.port,0,current.getRequest()) #returns scan queue, push to array
79 return
80
81 def newScanIssue(self, issue):
82 self.scanner_results.append(issue)
83 print("New issue identified: Issue #",len(self.scanner_results))
84 return
85
86 def generateReport(self, format):
87 if format != 'XML':
88 format = 'HTML'
89
90 file_name = self.output
91 self._callbacks.generateScanReport(format,self.scanner_results,File(file_name))
92
93 time.sleep(5)
94 return
95
96 def processCLI(self):
97 cli = self._callbacks.getCommandLineArguments()
98 if len(cli) < 0:
99 print("Incomplete target information provided.")
100 return False
101 elif not cli:
102 print("Integris Security Carbonator is now loaded.")
103 print("If Carbonator was loaded through the BApp store then you can run in headless mode simply adding the `-Djava.awt.headless=true` flag from within your shell. Note: If burp doesn't close at the conclusion of a scan then disable Automatic Backup on Exit.")
104 print("For questions or feature requests contact us at carbonator at integris security dot com.")
105 print("Visit carbonator at https://www.integrissecurity.com/Carbonator")
106 return False
107 else:
108 self.url = URL(cli[0])
109 self.rtype = cli[1]
110 self.output = cli[2]
111
112 self.scheme = self.url.getProtocol()
113 self.fqdn = self.url.getHost()
114 self.port1 = self.url.getPort()
115 if self.port1 == -1 and self.scheme == 'http':
116 self.port = 80
117 elif self.port1 == -1 and self.scheme == 'https':
118 self.port = 443
119 else:
120 self.port = self.port1
121 self.path = self.url.getFile()
122 print("self.url: " + str(self.url) + "\n")
123 print("Scheme: " + self.scheme + "\n")
124 print("FQDN: " + self.fqdn + "\n")
125 print("Port: " + str(self.port1) + "\n")
126 print("Path: " + self.path + "\n")
127 return True
128 # I'm Py3
+0
-280
scripts/cscan/plugin/msfrpc.py less more
0 #!/usr/bin/env python3
1 '''
2 Faraday Penetration Test IDE
3 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
4 See the file 'doc/LICENSE' for the license information
5
6 '''
7
8 import os
9 import time
10 import string
11 import random
12 import argparse
13 import msgpack
14 import http.client
15 import ssl
16
17
18 class Msfrpc:
19 """ Msfrpc class from https://github.com/SpiderLabs/msfrpc """
20
21 class MsfError(Exception):
22 def __init__(self, msg):
23 self.msg = msg
24
25 def __str__(self):
26 return repr(self.msg)
27
28 class MsfAuthError(MsfError):
29 def __init__(self, msg):
30 self.msg = msg
31
32 def __init__(self, opts=[]):
33 self.host = opts.get("host") or "127.0.0.1"
34 self.port = opts.get("port") or 55552
35 self.uri = opts.get("uri") or "/api/"
36 self.ssl = opts.get("ssl") or False
37 self.authenticated = False
38 self.token = False
39 self.headers = {"Content-type": "binary/message-pack"}
40 if self.ssl:
41 self.client = http.client.HTTPSConnection(self.host, self.port, context=ssl._create_unverified_context())
42 else:
43 self.client = http.client.HTTPConnection(self.host, self.port)
44
45 def encode(self, data):
46 return msgpack.packb(data)
47
48 def decode(self, data):
49 return msgpack.unpackb(data)
50
51 def call(self, meth, opts=[]):
52 if meth != "auth.login":
53 if not self.authenticated:
54 raise self.MsfAuthError("MsfRPC: Not Authenticated")
55 opts.insert(0, self.token)
56
57 opts.insert(0, meth)
58 params = self.encode(opts)
59 self.client.request("POST", self.uri,params, self.headers)
60 resp = self.client.getresponse()
61 return self.decode(resp.read())
62
63 def login(self, user, password):
64 ret = self.call("auth.login", [user, password])
65 if ret.get("result") == "success":
66 self.authenticated = True
67 self.token = ret.get("token")
68 return True
69 else:
70 raise self.MsfAuthError("MsfRPC: Authentication failed")
71
72
73 class CscanMsf:
74 """ msfrpc plugin for cscan """
75 def __init__(self, client, logfile=False, quiet=False):
76 self.logfile = logfile
77 self.cid = None
78 self.quiet = quiet
79 self.client = client
80
81 def check_auth(self):
82 if not self.client or not self.client.authenticated:
83 self.log("ERROR: You are not authenticated..", True)
84 return False
85 return True
86
87 def log(self, msg, critical=False):
88 if self.logfile:
89 logfile = open(self.logfile, "a")
90 logfile.write("%s\n" % msg)
91 logfile.close()
92 if not self.quiet or critical:
93 print(msg)
94
95 def rpc_call(self, meth, opts, key=""):
96 if self.check_auth():
97 res = self.client.call(meth, opts)
98
99 if "error" in res:
100 self.log("ERROR: %s %s" % (res.get("error_code"), res.get("error_message")), True)
101 self.log("%s: %s\n%s" % (res.get("error_class"), res.get("error_string"), res.get("error_backtrace")))
102 return res
103 return res if not key else res.get(key)
104
105 def create_console(self):
106 self.cid = self.rpc_call("console.create", [{}], "id")
107 self.rpc_call("console.read", [self.cid])
108 self.log("Created console ID " + str(self.cid), True)
109 return self.cid
110
111 def destroy_console(self):
112 self.log("Destroy console ID %s.. %s" % (self.cid, self.rpc_call("console.destroy",
113 [self.cid], "result")), True)
114
115 def create_ws(self, ws, switch=False):
116 self.log("Create %s workspace.. %s" % (ws, self.rpc_call("db.add_workspace", [ws], "result")), True)
117 if switch:
118 self.set_ws(ws)
119 return ws
120
121 def set_ws(self, ws):
122 self.log("Switch to %s workspace.. %s" % (ws, self.rpc_call("db.set_workspace", [ws], "result")), True)
123
124 def destroy_ws(self, ws):
125 self.log("Delete %s workspace.. %s" % (ws, self.rpc_call("db.del_workspace", [ws], "result")), True)
126
127 def import_xml_data(self, ws, xml):
128 content = open(xml, "r").read()
129 self.log("Importing data from %s.. %s" % (xml, self.rpc_call("db.import_data", [{"workspace": ws,
130 "data": content}], "result")), True)
131
132 def export_current_ws(self, out):
133 self.log("Exporting workspace..", True)
134 self.rpc_call("console.write", [self.cid, "db_export %s\r\n" % out])
135
136 while True:
137 time.sleep(5)
138 res = self.rpc_call("console.read", [self.cid])
139 if res.get("data"):
140 self.log("%s %s" % (res.get("prompt"), res.get("data")))
141 if "Finished export" in res.get("data"):
142 return True
143
144 def wait_for_jobs(self):
145 while True:
146 job_list = self.rpc_call("job.list", [])
147 self.log("Current jobs: %s (Total: %d)" % (",".join(job_list), len(job_list)), True)
148 if len(job_list) > 0:
149 for j in job_list:
150 jinfo = self.rpc_call("job.info", [j])
151 self.log("%s - %s" % (jinfo.get("jid"), jinfo.get("name")), True)
152 else:
153 return True
154 time.sleep(10)
155
156 def run_commands(self, commands):
157 self.log("Deploy following commands: \n%s" % " msf> " + "\n msf> ".join(commands), True)
158 self.rpc_call("console.write", [self.cid, "\n".join(commands)])
159 self.rpc_call("console.write", [self.cid, "set PROMPT commands_deployed\r\n"])
160
161 while True:
162 time.sleep(2)
163 res = self.rpc_call("console.read", [self.cid])
164 if res.get("data"):
165 self.log("%s %s" % (res.get("prompt"), res.get("data")))
166 if "commands_deployed" in res["prompt"] and not res["busy"]:
167 self.rpc_call("console.write", [self.cid, "set PROMPT msfcscan\r\n"])
168 break
169
170 def banner(args, cws="unknown"):
171 return """ _____________________________________________________
172 | ____ ___________________________________________ |
173 | | | \/ |/ ___| ___/ __ \ | |
174 | | | . . |\ `--.| |_ | / \/___ ___ __ _ _ __ | |
175 | | | |\/| | `--. \ _| | | / __|/ __/ _` | '_ \ | |
176 | | | | | |/\__/ / | | \__/\__ \ (_| (_| | | | | | |
177 | | \_| |_/\____/\_| \____/___/\___\__,_|_| |_| | |
178 | | _____ ______ ______ _____ ______ ______ _____ | |
179 | | |_____|______|______|_____|______|______|_____| |_|
180 | |
181 | | Arguments: Current workspace: %s
182 | | > Temp workspace: %s
183 | | > Quiet mode: %s
184 | | > Command: %s
185 | | > Resource: %s
186 | | > Options: %s
187 | | > Modules: %s
188 |_| > XML import: %s
189 > Log file: %s
190 > Output file: %s
191
192 """ % (
193 cws,
194 "enabled" if not args.disable_tmp_ws else "disabled",
195 "enabled" if args.quiet else "disabled",
196 args.command,
197 args.resource,
198 "\n | | --> " + args.options.replace(":", "\n | | --> ") if args.options else None,
199 "\n | | --> " + args.modules.replace(",", "\n | | --> ") if args.modules else None,
200 args.xml,
201 args.log,
202 args.output
203 )
204
205
206 def main():
207 parser = argparse.ArgumentParser(description="msfrpc cscan plugin, for automated security testing")
208 parser.add_argument("-H","--msfrpc-host", help="Override MSFRPC_HOST envvar", required=False)
209 parser.add_argument("-P","--msfrpc-port", help="Override MSFRPC_PORT envvar", required=False)
210 parser.add_argument("-u","--msfrpc-user", help="Override MSFRPC_USER envvar", required=False)
211 parser.add_argument("-p","--msfrpc-pass", help="Override MSFRPC_PASS envvar", required=False)
212 parser.add_argument("-S","--msfrpc-ssl", help="Override MSFRPC_SSL envvar", required=False, action="store_true")
213 parser.add_argument("-U","--msfrpc-uri", help="Override MSFRPC_URI envvar", required=False)
214
215 parser.add_argument("-o","--output", help="Output file", required=False)
216 parser.add_argument("-l","--log", help="Log file", required=False)
217 parser.add_argument("-x","--xml", help="XML to import in temp workspace", required=False)
218 parser.add_argument("-m","--modules", help="Modules to use", required=False)
219 parser.add_argument("-r","--resource", help="Resource to execute", required=False)
220 parser.add_argument("-O","--options", help="Modules options", required=False)
221 parser.add_argument("-c","--command", help="Command to execute (check, run, exploit)", default="check")
222 parser.add_argument("-T","--disable-tmp-ws", help="Do not create temp workspace and use current", required=False, action="store_true")
223 parser.add_argument("-q","--quiet", help="Quiet mode, set -l options to have log in a file", required=False, action="store_true")
224
225 args = parser.parse_args()
226 try:
227 client = Msfrpc({
228 "host": args.msfrpc_host if args.msfrpc_host else os.environ.get("MSFRPC_HOST"),
229 "port": args.msfrpc_port if args.msfrpc_port else os.environ.get("MSFRPC_PORT"),
230 "uri": args.msfrpc_uri if args.msfrpc_uri else os.environ.get("MSFRPC_URI"),
231 "ssl": args.msfrpc_ssl if args.msfrpc_ssl else os.environ.get("MSFRPC_SSL") == 'true'
232 })
233 client.login(args.msfrpc_user if args.msfrpc_user else os.environ.get("MSFRPC_USER"),
234 args.msfrpc_pass if args.msfrpc_pass else os.environ.get("MSFRPC_PASS"))
235 except:
236 print("ERROR: Cannot connect to server..")
237 exit(1)
238
239 cscan = CscanMsf(client, args.log, args.quiet)
240 commands = []
241 tmp_ws = None
242 current_ws = cscan.rpc_call("db.current_workspace", [], "workspace")
243
244 print(banner(args, current_ws))
245 cscan.create_console()
246
247 if not args.disable_tmp_ws and os.environ.get("CS_MSF_TMP_WS") == "enabled":
248 tmp_ws = "cscan_" + "".join(random.sample(string.ascii_lowercase,6))
249 cscan.create_ws(tmp_ws, True)
250 if args.xml:
251 cscan.import_xml_data(tmp_ws, args.xml)
252
253 if args.options:
254 for option in args.options.split(":"):
255 commands.append("setg " + option.replace("=", " "))
256 if args.modules:
257 for module in args.modules.split(","):
258 commands.append("use " + module)
259 commands.append("show options")
260 commands.append(args.command)
261 elif args.resource:
262 commands.append("resource " + args.resource)
263
264 commands.append("\r\n")
265 cscan.run_commands(commands)
266 cscan.wait_for_jobs()
267
268 if os.environ.get("CS_MSF_EXPORT") == "enabled" and args.output:
269 cscan.export_current_ws(args.output)
270
271 cscan.destroy_console()
272
273 if tmp_ws:
274 cscan.set_ws(current_ws)
275 cscan.destroy_ws(tmp_ws)
276
277 if __name__ == "__main__":
278 main()
279 # I'm Py3
+0
-372
scripts/cscan/plugin/nessus.py less more
0 #!/usr/bin/env python3
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6 import requests
7 import json
8 import time
9 import sys
10 import argparse
11 import os
12 from faraday.server.config import CONST_FARADAY_HOME_PATH
13 from faraday.server.config import FARADAY_BASE
14
15 my_env = os.environ
16
17 url = my_env["CS_NESSUS_URL"] if 'CS_NESSUS_URL' in my_env else "https://192.168.10.230:8834"
18 username = my_env["CS_NESSUS_USER"] if 'CS_NESSUS_USER' in my_env else "cscan"
19 password = my_env["CS_NESSUS_PASS"] if 'CS_NESSUS_PASS' in my_env else "XqjympHtrvVU22xtK5ZZ"
20 profile = my_env["CS_NESSUS_PROFILE"] if 'CS_NESSUS_PROFILE' in my_env else "Basic Network Scan"
21
22 verify = False
23 token = ''
24
25 import urllib3
26 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
27
28
29 def build_url(resource):
30 return '{0}{1}'.format(url, resource)
31
32
33 def connect(method, resource, data=None):
34 """
35 Send a request
36
37 Send a request to Nessus based on the specified data. If the session token
38 is available add it to the request. Specify the content type as JSON and
39 convert the data to JSON format.
40 """
41 headers = {'X-Cookie': 'token={0}'.format(token),
42 'content-type': 'application/json'}
43
44 data = json.dumps(data)
45
46 if method == 'POST':
47 r = requests.post(build_url(resource), data=data, headers=headers, verify=verify)
48 elif method == 'PUT':
49 r = requests.put(build_url(resource), data=data, headers=headers, verify=verify)
50 elif method == 'DELETE':
51 r = requests.delete(build_url(resource), data=data, headers=headers, verify=verify)
52 else:
53 r = requests.get(build_url(resource), params=data, headers=headers, verify=verify)
54
55 # Exit if there is an error.
56 if r.status_code != 200:
57 e = r.json()
58 print(e['error'])
59 sys.exit()
60
61 # When downloading a scan we need the raw contents not the JSON data.
62 if 'download' in resource:
63 return r.content
64 else:
65 try:
66 return r.json()
67 except:
68 pass
69
70
71 def login(usr, pwd):
72 """
73 Login to nessus.
74 """
75 login = {'username': usr, 'password': pwd}
76 data = connect('POST', '/session', data=login)
77
78 return data['token']
79
80
81 def logout():
82 """
83 Logout of nessus.
84 """
85
86 connect('DELETE', '/session')
87
88
89 def get_policies():
90 """
91 Get scan policies
92
93 Get all of the scan policies but return only the title and the uuid of
94 each policy.
95 """
96
97 data = connect('GET', '/editor/policy/templates')
98
99 return dict((p['title'], p['uuid']) for p in data['templates'])
100
101
102 def get_history_ids(sid):
103 """
104 Get history ids
105
106 Create a dictionary of scan uuids and history ids so we can lookup the
107 history id by uuid.
108 """
109 data = connect('GET', '/scans/{0}'.format(sid))
110
111 return dict((h['uuid'], h['history_id']) for h in data['history'])
112
113
114 def get_scan_history(sid, hid):
115 """
116 Scan history details
117
118 Get the details of a particular run of a scan.
119 """
120 params = {'history_id': hid}
121 data = connect('GET', '/scans/{0}'.format(sid), params)
122
123 return data['info']
124
125
126 def add(name, desc, targets, pid):
127 """
128 Add a new scan
129
130 Create a new scan using the policy_id, name, description and targets. The
131 scan will be created in the default folder for the user. Return the id of
132 the newly created scan.
133 """
134
135 scan = {'uuid': pid,
136 'settings': {
137 'name': name,
138 'description': desc,
139 'text_targets': targets}
140 }
141
142 data = connect('POST', '/scans', data=scan)
143
144 return data['scan']
145
146
147 def update(scan_id, name, desc, targets, pid=None):
148 """
149 Update a scan
150
151 Update the name, description, targets, or policy of the specified scan. If
152 the name and description are not set, then the policy name and description
153 will be set to None after the update. In addition the targets value must
154 be set or you will get an "Invalid 'targets' field" error.
155 """
156
157 scan = {}
158 scan['settings'] = {}
159 scan['settings']['name'] = name
160 scan['settings']['desc'] = desc
161 scan['settings']['text_targets'] = targets
162
163 if pid is not None:
164 scan['uuid'] = pid
165
166 data = connect('PUT', '/scans/{0}'.format(scan_id), data=scan)
167
168 return data
169
170
171 def launch(sid):
172 """
173 Launch a scan
174
175 Launch the scan specified by the sid.
176 """
177
178 data = connect('POST', '/scans/{0}/launch'.format(sid))
179
180 return data['scan_uuid']
181
182
183 def status(sid, hid):
184 """
185 Check the status of a scan run
186
187 Get the historical information for the particular scan and hid. Return
188 the status if available. If not return unknown.
189 """
190
191 d = get_scan_history(sid, hid)
192 return d['status']
193
194
195 def export_status(sid, fid):
196 """
197 Check export status
198
199 Check to see if the export is ready for download.
200 """
201
202 data = connect('GET', '/scans/{0}/export/{1}/status'.format(sid, fid))
203
204 return data['status'] == 'ready'
205
206
207 def export(sid):
208 """
209 Make an export request
210
211 Request an export of the scan results for the specified scan and
212 historical run. In this case the format is hard coded as nessus but the
213 format can be any one of nessus, html, pdf, csv, or db. Once the request
214 is made, we have to wait for the export to be ready.
215 """
216
217 data = {'format': 'nessus'}
218
219 data = connect('POST', '/scans/{0}/export'.format(sid), data=data)
220
221 fid = data['file']
222
223 while export_status(sid, fid) is False:
224 time.sleep(5)
225
226 return fid
227
228
229 def download(sid, fid, output=None):
230 """
231 Download the scan results
232
233 Download the scan results stored in the export file specified by fid for
234 the scan specified by sid.
235 """
236
237 data = connect('GET', '/scans/{0}/export/{1}/download'.format(sid, fid))
238 # For version 7, use the nessus scan Id to avoid overwrite the output file
239 if not output:
240 print('Using Nessus 7. Ignore --output. This is normal.')
241 report_path = FARADAY_BASE / 'scripts' / 'cscan' / 'output' / \
242 f'nessus_{sid}.xml'
243 if not report_path.exists():
244 with report_path.open('w') as report:
245 print('Saving scan results to {0}.'.format(report_path))
246 report.write(data)
247
248 else:
249 print('Saving scan results to {0}.'.format(output))
250 with open(output, 'w') as report:
251 report.write(data)
252
253
254 def delete(sid):
255 """
256 Delete a scan
257
258 This deletes a scan and all of its associated history. The scan is not
259 moved to the trash folder, it is deleted.
260 """
261
262 connect('DELETE', '/scans/{0}'.format(scan_id))
263
264
265 def history_delete(sid, hid):
266 """
267 Delete a historical scan.
268
269 This deletes a particular run of the scan and not the scan itself. the
270 scan run is defined by the history id.
271 """
272
273 connect('DELETE', '/scans/{0}/history/{1}'.format(sid, hid))
274
275 def get_scans():
276 scan_list = []
277 data = connect('GET','/scans')
278 for scans in data['scans']:
279 scans_info = {}
280 scans_info['id'] = scans['id']
281 scans_info['creation_date'] = scans['creation_date']
282 scan_list.append(scans_info)
283
284 scan_list = sorted(scan_list,key=lambda scan:scan['creation_date'])
285 return scan_list
286
287 def get_date():
288 with (CONST_FARADAY_HOME_PATH/'cscan'/'date.txt').open('r') as date_file:
289 date = date_file.read()
290 try:
291 date = int(date)
292 except ValueError:
293 # Default date: September 3, 2018 20:45 (GMT)
294 return 1536007534
295
296 return date
297
298 def set_date(date):
299 with (CONST_FARADAY_HOME_PATH/'cscan'/'date.txt').open('w') as date_file:
300 date_file.write(str(date))
301
302 def get_version():
303 data = connect('GET','/server/properties')
304 return int(data['nessus_ui_version'][0])
305
306
307 def create_directory():
308 if not (CONST_FARADAY_HOME_PATH / 'cscan').exists():
309 (CONST_FARADAY_HOME_PATH / 'cscan').mkdir()
310 if not (CONST_FARADAY_HOME_PATH / 'cscan' / 'date.txt').exists():
311 (CONST_FARADAY_HOME_PATH /'cscan' / 'date.txt').open('w').close()
312
313 if __name__ == "__main__":
314 parser = argparse.ArgumentParser(description='nessus_client is develop for automating security testing')
315 parser.add_argument('-t', '--target', help='Network or Host for scan', required=False)
316 parser.add_argument('-o', '--output', help='Output file', required=False)
317 args = parser.parse_args()
318 # Review de Command input
319 if args.target is None or args.output is None:
320 print("Argument errors check -h")
321 exit(0)
322
323 print('Login')
324 try:
325 token = login(username, password)
326 except:
327 print("Unexpected error:", sys.exc_info()[0])
328 raise
329
330 version = get_version()
331 if version < 7 :
332 #For Nessus <7
333 print('Adding new scan.' + token)
334 print(args.target)
335
336 policies = get_policies()
337 policy_id = policies[profile]
338 scan_data = add('CScan nessus', 'Create a new scan with API', args.target, policy_id)
339 scan_id = scan_data['id']
340
341 print('Launching new scan.')
342 scan_uuid = launch(scan_id)
343 history_ids = get_history_ids(scan_id)
344 history_id = history_ids[scan_uuid]
345 while status(scan_id, history_id) not in ('completed', 'canceled'):
346 time.sleep(5)
347
348 print('Exporting the completed scan.')
349 file_id = export(scan_id)
350 download(scan_id, file_id, args.output)
351
352 print('Deleting the scan.')
353 history_delete(scan_id, history_id)
354 delete(scan_id)
355
356 else:
357 #For Nessus >7
358 create_directory()
359 scans = get_scans()
360 date = get_date()
361 for scan in scans:
362 if scan['creation_date'] > date:
363 set_date(scan['creation_date'])
364 print('Downloading scan. Id: {0}'.format(scan['id']))
365 file_id = export(scan['id'])
366 download(scan['id'], file_id)
367 else:
368 print('Scan up to date. Id: {0}'.format(scan['id']))
369
370 print('Logout')
371 logout()# I'm Py3
+0
-79
scripts/cscan/plugin/w3af.py less more
0 #!/usr/bin/env python3
1
2 # Faraday Penetration Test IDE
3 # Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 # See the file 'doc/LICENSE' for the license information
5
6
7 from w3af_api_client import Connection, Scan
8 import subprocess
9 import os
10 import argparse
11 import time
12 import signal
13 from pprint import pprint
14 import atexit
15 child_pid = None
16
17
18 def kill_child():
19 global child_pid
20 if child_pid is None:
21 pass
22 else:
23 os.kill(child_pid, signal.SIGTERM)
24
25
26 def main():
27 atexit.register(kill_child)
28
29 my_env = os.environ
30 cmd = my_env["CS_W3AF"] if 'CS_W3AF' in my_env else "/root/tools/w3af/w3af_api"
31 profile = my_env["CS_W3AF_PROFILE"] if 'CS_W3AF_PROFILE' in my_env else "/root/tools/w3af/profiles/fast_scan.pw3af"
32
33 # Parser argument in command line
34 parser = argparse.ArgumentParser(description='w3af_client is develop for automating security testing')
35 parser.add_argument('-t', '--target', help='Network or Host for scan', required=False)
36 parser.add_argument('-o', '--output', help='Output file', required=False)
37 args = parser.parse_args()
38
39 if args.target is None or args.output is None:
40 print("Argument errors check -h")
41 exit(0)
42
43 print('Starting w3af api ...')
44 global child_pid
45 proc = subprocess.Popen([cmd])
46 child_pid = proc.pid
47
48 print('Waiting for W3af to load, 5 seconds ...')
49 time.sleep(5)
50
51 # Connect to the REST API and get it's version
52 conn = Connection('http://127.0.0.1:5000/')
53 print(conn.get_version())
54
55 # Define the target and configuration
56 # scan_profile = file('/root/tools/w3af/profiles/fast_scan_xml.pw3af').read()
57 with open(profile, "r") as scan_profile_file:
58 scan_profile = "[output.xml_file]\noutput_file = %s\n%s\n" % (args.output, scan_profile_file.read())
59 # scan_profile = file('/root/tools/w3af/profiles/fast_scan.pw3af').read()
60
61 target_urls = [args.target]
62
63 scan = Scan(conn)
64 s = scan.start(scan_profile, target_urls)
65 time.sleep(2)
66
67 # Wait some time for the scan to start and then
68 scan.get_urls()
69 scan.get_log()
70 scan.get_findings()
71
72 while(scan.get_status()['status'] == "Running"):
73 print('Scan progress: %s' + str(scan.get_status()['rpm']))
74 time.sleep(2)
75
76 if __name__ == "__main__":
77 main()
78 # I'm Py3
+0
-141
scripts/cscan/plugin/zap.py less more
0 #!/usr/bin/env python3
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7 '''
8 By tartamar
9 '''
10
11 from builtins import input
12
13 import argparse
14 import time
15 import re
16 from pprint import pprint
17 from zapv2 import ZAPv2
18 import subprocess
19 import os
20 import signal
21 import atexit
22 child_pid = None
23
24
25 def kill_child():
26 global child_pid
27 if child_pid is None:
28 pass
29 else:
30 os.kill(child_pid, signal.SIGTERM)
31
32
33 def is_http_url(page):
34 """
35 Returns true if s is valid http url, else false
36 Arguments:
37 - `page`:
38 """
39 if re.findall('http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+', page):
40 return True
41 else:
42 return False
43
44
45 def exportfile(filename,zap):
46
47 #Output for XML Report
48 print('Generating XML Report...')
49 filex = open(filename, 'w')
50 filex.write(zap.core.xmlreport)
51 filex.close()
52
53
54 def main():
55
56 atexit.register(kill_child)
57
58 my_env = os.environ
59 cmd = my_env["CS_ZAP"] if 'CS_ZAP' in my_env else "/usr/share/zaproxy/zap.sh"
60
61 # Parser argument in command line
62 parser = argparse.ArgumentParser(description='PyZap is develop for automating security testing')
63 parser.add_argument('-t', '--target', help='Network or Host for scan', required=False)
64 parser.add_argument('-o', '--output', help='Output file', required=False)
65 args = parser.parse_args()
66
67 # Review de Command input
68 if args.target is None:
69 # Do nothing
70 # Input data for test
71 target = input('[+] Enter your target: ')
72 if is_http_url(target) is True:
73 print('[-] Target selected: ', target)
74 else:
75 print('[w] Please type a correct URL address')
76 quit()
77 else:
78 # Check for valid URL addres
79 if is_http_url(args.target) is True:
80 target = args.target
81 print('[-] Target selected: ', target)
82 else:
83 print('[w] Please type a correct URL Address')
84 quit()
85 print('Starting ZAP ...')
86
87 global child_pid
88 proc = subprocess.Popen([cmd, '-daemon'])
89 child_pid = proc.pid
90
91 print('Waiting for ZAP to load, 10 seconds ...')
92 time.sleep(10)
93 zap = ZAPv2()
94 # Use the line below if ZAP is not listening on 8090
95 zap = ZAPv2(proxies={'http': 'http://127.0.0.1:8080', 'https': 'http://127.0.0.1:8080'})
96
97 # do stuff
98 print('Accessing target %s' % target)
99 # try have a unique enough session...
100 zap.urlopen(target)
101 # Give the sites tree a chance to get updated
102 time.sleep(2)
103
104 print('Spidering target %s' % target)
105 print(target)
106 zap.spider.scan(target)
107 # Give the Spider a chance to start
108 time.sleep(2)
109 # print 'Status %s' % zap.spider.status
110 while(int(zap.spider.status) < 100):
111 print('Spider progress %: ' + zap.spider.status)
112 time.sleep(2)
113
114 print('Spider completed')
115 # Give the passive scanner a chance to finish
116 time.sleep(5)
117
118 print('Scanning target %s' % target)
119 zap.ascan.scan(target)
120 while(int(zap.ascan.status) < 100):
121 print('Scan progress %: ' + zap.ascan.status)
122 time.sleep(5)
123
124 print('Scan completed')
125
126 # Report the results
127
128 print('Hosts: ' + ', '.join(zap.core.hosts))
129 # print 'Alerts: '
130 # pprint (zap.core.alerts())
131 # pprint (zap.core.xmlreport())
132 exportfile(args.output,zap)
133
134 print('Shutting down ZAP ...')
135 zap.core.shutdown
136 #EOF
137
138 if __name__ == "__main__":
139 main()
140 # I'm Py3
+0
-17
scripts/cscan/scripts/extra/msf-auto-cred-checker.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource auto_cred_checker.rc \
14 --options THREADS=100
15
16 cp $2$NAME.xml $xml
+0
-17
scripts/cscan/scripts/extra/msf-autobrute.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource auto_brute.rc \
14 --options THREADS=100
15
16 cp $2$NAME.xml $xml
+0
-22
scripts/cscan/scripts/extra/msf-autoexploit-check.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 modules_file=msf-modules.txt
4
5 if ! test -f $xml; then
6 echo XML file $xml not found
7 exit 1
8 elif ! test -f $modules_file; then
9 echo no modules file found
10 exit 2
11 fi
12
13 while read m; do
14 NAME="$(date +%s)-$(basename $0)"
15 echo "Run msfrpc plugin.."
16 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
17 --log $(realpath $3$NAME.log) \
18 --xml $xml \
19 --resource autoexploit.rc \
20 --options MODE=check:MODULE=$m
21 done <$modules_file
+0
-22
scripts/cscan/scripts/extra/msf-autoexploit-dry.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 modules_file=msf-modules.txt
4
5 if ! test -f $xml; then
6 echo XML file $xml not found
7 exit 1
8 elif ! test -f $modules_file; then
9 echo no modules file found
10 exit 2
11 fi
12
13 while read m; do
14 NAME="$(date +%s)-$(basename $0)"
15 echo "Run msfrpc plugin.."
16 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
17 --log $(realpath $3$NAME.log) \
18 --xml $xml \
19 --resource autoexploit.rc \
20 --options MODE=dry:MODULE=$m
21 done <$modules_file
+0
-22
scripts/cscan/scripts/extra/msf-autoexploit.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 modules_file=msf-modules.txt
4
5 if ! test -f $xml; then
6 echo XML file $xml not found
7 exit 1
8 elif ! test -f $modules_file; then
9 echo no modules file found
10 exit 2
11 fi
12
13 while read m; do
14 NAME="$(date +%s)-$(basename $0)"
15 echo "Run msfrpc plugin.."
16 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
17 --log $(realpath $3$NAME.log) \
18 --xml $xml \
19 --resource autoexploit.rc \
20 --options MODE=exploit:MODULE=$m
21 done <$modules_file
+0
-17
scripts/cscan/scripts/extra/msf-autosploit.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource $(realpath scripts/resources/autosploit.rc) \
14 --options THREADS=100:TARGET_PLATFORM=aix,android,bsdi,dialup,firefox,freebsd,hpux,irix,linux,mainframe,multi,netware,solaris,unix,windows:BLACKLIST=freebsd/samba/trans2open,linux/samba/trans2open,osx/samba/trans2open,solaris/samba/trans2open
15
16 cp $2$NAME.xml $xml
+0
-17
scripts/cscan/scripts/extra/msf-modules-list.sh less more
0 #!/bin/bash
1
2 modules_file=msf-modules.txt
3 if ! test -f $modules_file; then
4 echo no modules file found
5 exit 1
6 fi
7
8 while read h; do
9 NAME="$(date +%s)-$(basename $0)-$h"
10 echo "Run msfrpc plugin.."
11 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
12 --log $(realpath $3$NAME.log) \
13 --modules $(sed ':a;N;$!ba;s/\n/,/g' $modules_file) \
14 --options RHOSTS=$h:RHOST=$h \
15 --command=run
16 done <$1
+0
-17
scripts/cscan/scripts/extra/msf-mssql-brute.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource mssql_brute.rc \
14 --options THREADS=100
15
16 cp $2$NAME.xml $xml
+0
-16
scripts/cscan/scripts/extra/msf-nessus-vulns-cleaner.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --resource nessus_vulns_cleaner.rc \
13 --xml $xml
14
15 cp $2$NAME.xml $xml
+0
-16
scripts/cscan/scripts/extra/msf-port-cleaner.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log)
12 --resource port_cleaner.rc \
13 --xml $xml
14
15 cp $2$NAME.xml $xml
+0
-18
scripts/cscan/scripts/network/msf-autoscan.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource $(realpath scripts/resources/autoscan.rc) \
14 --options MAX_LEN=100:THREADS=100:BLACKLIST=scanner/telnet/brocade_enable_login,scanner/rogue/rogue_recv \
15 --quiet
16
17 cp $2$NAME.xml $xml
+0
-10
scripts/cscan/scripts/network/msf-basic-discovery-nmap.sh less more
0 #!/bin/bash
1
2 NAME="$(date +%s)-$(basename $0)"
3 echo "Run msfrpc plugin.."
4 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
5 --log $(realpath $3$NAME.log) \
6 --resource basic_discovery.rc \
7 --options THREADS=100:NMAP=true:NMAPOPTS="$CS_NMAP_ARGS":RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1)
8
9 cp $2$NAME.xml msf-workspace.xml
+0
-10
scripts/cscan/scripts/network/msf-basic-discovery.sh less more
0 #!/bin/bash
1
2 NAME="$(date +%s)-$(basename $0)"
3 echo "Run msfrpc plugin.."
4 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
5 --log $(realpath $3$NAME.log) \
6 --resource basic_discovery.rc \
7 --options THREADS=100:NMAP=false:RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1)
8
9 cp $2$NAME.xml msf-workspace.xml
+0
-10
scripts/cscan/scripts/network/msf-portscan-nmap.sh less more
0 #!/bin/bash
1
2 NAME="$(date +%s)-$(basename $0)"
3 echo "Run msfrpc plugin.."
4 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
5 --log $(realpath $3$NAME.log) \
6 --resource portscan.rc \
7 --options THREADS=100:NMAP=true:NMAPOPTS=$CS_NMAP_ARGS:RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1)
8
9 cp $2$NAME.xml msf-workspace.xml
+0
-10
scripts/cscan/scripts/network/msf-portscan.sh less more
0 #!/bin/bash
1
2 NAME="$(date +%s)-$(basename $0)"
3 echo "Run msfrpc plugin.."
4 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
5 --log $(realpath $3$NAME.log) \
6 --resource portscan.rc \
7 --options THREADS=100:NMAP=false:RHOSTS=$(sed ':a;N;$!ba;s/\n/,/g' $1)
8
9 cp $2$NAME.xml msf-workspace.xml
+0
-12
scripts/cscan/scripts/network/nessus.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7 while read h; do
8 NAME="nessus_$(date +%s).xml"
9 echo plugin/nessus.py --target $h --output $2$NAME
10 ./plugin/nessus.py --target $h --output $2$NAME
11 done <$1
+0
-9
scripts/cscan/scripts/network/nmap.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7 NAME="nmap_$(date +%s).xml"
8 ${CS_NMAP:=nmap} $CS_NMAP_ARGS -iL $1 -oX $2$NAME
+0
-122
scripts/cscan/scripts/network/openvas.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7 # -------------
8 # CONFIG PARAMS
9 # -------------
10 # Your Dashboard login data
11 USER_NAME=${CS_OPENVAS_USER:=admin}
12 # If you set this to None, you will be asked on startup
13 USER_PASSWORD=${CS_OPENVAS_PASSWORD:=openvas}
14
15 # Your targets, seperated by space
16 #TARGET_SRVS="localhost"
17 # The name of the OpenVAS preset for the scan
18 # The following configs are available by default:
19 # Discovery
20 # empty
21 # Full and fast
22 # Full and fast ultimate
23 # Full and very deep
24 # Full and very deep ultimate
25 # Host Discovery
26 # System Discovery
27 SCAN_CONFIG=${CS_OPENVAS_SCAN_CONFIG:='Full and fast'}
28 # A valid "alive_test" parameter
29 # Defines how it is determined if the targets are alive
30 # Currently, valid values are the following:
31 # Scan Config Default
32 # ICMP, TCP-ACK Service & ARP Ping
33 # TCP-ACK Service & ARP Ping
34 # ICMP & ARP Ping
35 # ICMP & TCP-ACK Service Ping
36 # ARP Ping
37 # TCP-ACK Service Ping
38 # TCP-SYN Service Ping
39 # ICMP Ping
40 # Consider Alive
41 ALIVE_TEST=${CS_OPENVAS_ALIVE_TEST:='ICMP, TCP-ACK Service &amp; ARP Ping'}
42
43 CS_OMP=${CS_OPENVAS:=omp}
44
45
46 function fail {
47 echo "There was an error during execution! Current action: $1"
48 exit 1
49 }
50
51 function sindex {
52 x="${1%%$2*}"
53 [[ $x = $1 ]] && echo -1 || echo ${#x}
54 }
55
56
57 THREAT=0
58 ADDRS=""
59 SRV=$1
60
61 while read h; do
62
63 echo "Processing target $h..."
64
65 echo $CS_OMP -u $USER_NAME -w $USER_PASSWORD --xml=\
66 "<create_target>\
67 <name>TARG$(date +%s)</name><hosts>$h</hosts>\
68 <alive_tests>$ALIVE_TEST</alive_tests>\
69 </create_target>"
70
71 TARGET_RETURN=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD --xml=\
72 "<create_target>\
73 <name>TARG$(date +%s)</name><hosts>$h</hosts>\
74 <alive_tests>$ALIVE_TEST</alive_tests>\
75 </create_target>")
76 echo "$TARGET_RETURN" | grep -m1 'resource created' || fail 'creating target'
77
78 T_ID_INDEX=$(sindex "$TARGET_RETURN" "id=")
79 T_ID_INDEX=$((T_ID_INDEX + 4))
80 T_ID=${TARGET_RETURN:T_ID_INDEX:36}
81 echo "> Target has ID $T_ID"
82
83 C_ID=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -g | grep -i "$TEST_CONFIG")
84 if [ $? -ne 0 ]; then fail 'getting configs'; fi
85
86 C_ID=${C_ID:0:36}
87 echo "> Config $TEST_CONFIG has ID $C_ID"
88
89 J_ID=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -C -n "CScan openvas" \
90 --target="$T_ID" --config="$C_ID")
91 if [ $? -ne 0 ]; then fail 'creating job'; fi
92 echo "> Created job with ID $J_ID"
93
94 R_ID=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -S "$J_ID")
95 if [ $? -ne 0 ]; then fail 'starting job'; fi
96 echo "> Started job, report gets ID $R_ID"
97
98 while true; do
99 RET=$($CS_OMP -u $USER_NAME -w $USER_PASSWORD -G)
100 if [ $? -ne 0 ]; then fail 'querying jobs'; fi
101 RET=$(echo "$RET" | grep -m1 "$J_ID")
102 echo $RET
103 echo "$RET" | grep -m1 -i "fail" && fail 'running job'
104 echo "$RET" | grep -m1 -i -E "done|Stopped" && break
105 sleep 1
106 done
107
108 echo "> Job done, generating report..."
109
110 FILENAME=${h// /_}
111 FILENAME="openvas_${FILENAME//[^a-zA-Z0-9_\.\-]/}_$(date +%s)"
112 $CS_OMP -u $USER_NAME -w $USER_PASSWORD -R "$R_ID" > $2$FILENAME.xml
113 if [ $? -ne 0 ]; then fail 'getting report'; fi
114
115 echo "Scan done"
116
117 echo "Remove task"
118 $CS_OMP -u $USER_NAME -w $USER_PASSWORD -D "$J_ID"
119
120
121 done <$1
+0
-68
scripts/cscan/scripts/resources/autoscan.rc less more
0 # autoscan.rc
1 # Author: Sliim (Github: @Sliim / Twitter: @_Sliim_)
2
3 # This Metasploit resource script will run several auxiliary scanners
4 # against present hosts in current workspace. It get all services for
5 # all hosts, and try to find auxiliary modules starting with `scanner/`
6 # where default RPORT option match with a service.
7 # We can blacklist some modules we don't want, the BLACKLIST option
8 # is a comma separated list of module to disable.
9
10 <ruby>
11 begin
12 framework.db.hosts
13 rescue ::ActiveRecord::ConnectionNotEstablished
14 print_error("Database connection isn't established")
15 return
16 end
17
18 # Check for blacklisted modules
19 blacklist = []
20 if (framework.datastore['BLACKLIST'] != nil)
21 blacklist = framework.datastore['BLACKLIST'].split(',')
22 end
23
24 scanners = {}
25 count = 0
26 ran = 0
27
28 print_status("Getting scanners list, this may take a while...")
29 framework.db.hosts.each do |host|
30 port_list = []
31 scanners[host.address] = []
32 print_status("Host: #{host.address} - #{host.os_name}")
33 print_status("Services: ")
34 host.services.each do |serv|
35 next if not serv.host
36 next if (serv.state != Msf::ServiceState::Open)
37 print_status("> :#{serv.port.to_i} - #{serv.proto} - #{serv.name}")
38 port_list << serv.port.to_i if not port_list.include? serv.port.to_i
39 end
40
41 framework.modules.auxiliary.each do |name, mod|
42 next if blacklist.include? name
43 next if not name.starts_with? "scanner/"
44 next unless mod
45 m = mod.new
46 next unless m.datastore.has_key? 'RPORT'
47 if port_list.include? m.datastore['RPORT'].to_i
48 scanners[host.address] << name
49 count += 1
50 end
51 end
52 end
53
54 print_status("Ok! Launching #{count} scanners..")
55 scanners.each do |host, s|
56 s.each do |scanner|
57 print_line("[#{ran+1}/#{count}] Deploying auxiliary #{scanner} against #{host}")
58 run_single("use #{scanner}")
59 run_single("set RHOSTS #{host}")
60 run_single("show options")
61 run_single("run")
62 ran += 1
63 end
64 end
65
66 print_status("Done. Deployed #{ran} scanners.")
67 </ruby>
+0
-84
scripts/cscan/scripts/resources/autosploit.rc less more
0 # autosploit.rc
1 # Author: Sliim (Github: @Sliim / Twitter: @_Sliim_)
2
3 # This Metasploit resource script will run several exploits against
4 # present hosts in current workspace. It get all services for all hosts,
5 # and try to find exploits where default RPORT option match with a service.
6 # We can blacklist some modules we don't want, the BLACKLIST option is a
7 # comma separated list of module to disable.
8 # The TARGET_PLATFORM option can be used to define which platform we target
9 # (ex: if all hosts are linux os, no need to launch windows exploits).
10 # Tested on metasploitable 2. Got 6/7 shells without effort :)
11
12 <ruby>
13 begin
14 framework.db.hosts
15 rescue ::ActiveRecord::ConnectionNotEstablished
16 print_error("Database connection isn't established")
17 return
18 end
19
20 # Check for target platform list
21 if (framework.datastore['TARGET_PLATFORM'] == nil)
22 run_single("setg TARGET_PLATFORM aix,android,apple_ios,bsdi,dialup,firefox,freebsd,hpux,irix,linux,mainframe,multi,netware,osx,solaris,unix,windows")
23 end
24
25 # Check for blacklisted modules
26 blacklist = []
27 if (framework.datastore['BLACKLIST'] != nil)
28 blacklist = framework.datastore['BLACKLIST'].split(',')
29 end
30
31 sploits = {}
32 count = 0
33 ran = 0
34
35 print_status("Getting vulns list, this may take a while...")
36 framework.db.hosts.each do |host|
37 port_list = []
38 sploits[host.address] = []
39 print_status("Host: #{host.address} - #{host.os_name}")
40 print_status("Services: ")
41 host.services.each do |serv|
42 next if not serv.host
43 next if (serv.state != Msf::ServiceState::Open)
44 print_status("> :#{serv.port} - #{serv.proto} - #{serv.name}")
45 port_list << serv.port.to_i if not port_list.include? serv.port.to_i
46 end
47
48 framework.modules.exploits.each do |name, mod|
49 next if not framework.datastore['TARGET_PLATFORM'].split(',').include? name.split('/')[0]
50 next if blacklist.include? name
51
52 # TODO Improve platform detection / exploit selection
53 if host.os_name
54 next if name.split('/')[0] == 'windows' && ! host.os_name.match(/Windows/)
55 next if name.split('/')[0] != 'windows' && host.os_name.match(/Windows/)
56 end
57 next unless mod
58 m = mod.new
59 next unless m.datastore.has_key? 'RPORT'
60 if port_list.include? m.datastore['RPORT'].to_i
61 sploits[host.address] << name
62 count += 1
63 end
64 end
65 end
66
67 print_status("Ok dude! I found #{count} matching sploits! #{'Take a beer!' if count > 100}")
68
69 sploits.each do |host, s|
70 s.each do |sploit|
71 print_status("[#{ran+1}/#{count}] Deploying exploit #{sploit} against #{host}")
72 run_single("use #{sploit}")
73 run_single("set RHOST #{host}")
74 run_single("set LPORT #{4444 + rand(65535-44444)}")
75 run_single("show options")
76 run_single("exploit -z")
77 ran += 1
78 print_status('Take another beer ;)') if ran % 100 == 0
79 end
80 end
81
82 print_status("Done. Tried #{ran}/#{count} exploits.")
83 </ruby>
+0
-12
scripts/cscan/scripts/web/burp.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6 CMD=${CS_BURP:=/root/tools/burpsuite_pro_v1.6.26.jar}
7 while read h; do
8 NAME="burp_$(date +%s).xml"
9 echo java -jar -Xmx1g -Djava.awt.headless=true $CMD $h XML $2$NAME
10 java -jar -Xmx1g -Djava.awt.headless=true $CMD $h XML $2$NAME
11 done <$1
+0
-17
scripts/cscan/scripts/web/msf-autocrawler.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource autocrawler.rc \
14 --options THREADS=100
15
16 cp $2$NAME.xml $xml
+0
-13
scripts/cscan/scripts/web/msf-http-dir.sh less more
0 #!/bin/bash
1
2 while read h; do
3 NAME="$(date +%s)-$(basename $0)"
4 HOST=$(echo $h | cut -d/ -f3 | cut -d: -f1)
5 PORT=$(echo $h | cut -d/ -f3 | cut -d: -f2)
6 echo "Run msfrpc plugin.."
7 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
8 --log $(realpath $3$NAME.log) \
9 --modules auxiliary/scanner/http/dir_scanner \
10 --options RHOSTS=$HOST:RPORT=$PORT \
11 --command=run
12 done <$1
+0
-17
scripts/cscan/scripts/web/msf-wmap-autotest.sh less more
0 #!/bin/bash
1
2 xml=msf-workspace.xml
3 if ! test -f $xml; then
4 echo XML file $xml not found
5 exit 1
6 fi
7
8 NAME="$(date +%s)-$(basename $0)"
9 echo "Run msfrpc plugin.."
10 ./plugin/msfrpc.py --output $(realpath $2$NAME.xml) \
11 --log $(realpath $3$NAME.log) \
12 --xml $xml \
13 --resource wmap_autotest.rc \
14 --options THREADS=100:WMAP_PROFILE=profile
15
16 cp $2$NAME.xml $xml
+0
-10
scripts/cscan/scripts/web/nikto.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6 while read h; do
7 NAME="nikto_$(date +%s).xml"
8 ${CS_NIKTO:=nikto} $CS_NIKTO_ARGS -host $h -output $2$NAME -Format XML
9 done <$1
+0
-15
scripts/cscan/scripts/web/w3af.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7
8 while read h; do
9 NAME="w3af_$(date +%s).xml"
10 echo plugin/w3af.py --target $h --output $2$NAME
11 ./plugin/w3af.py --target $h --output $2$NAME
12 done <$1
13 #fix zombie w3af
14 kill -9 $(ps aux | grep w3af_api | awk -F" " {'print $2'}) 2> /dev/null
+0
-12
scripts/cscan/scripts/web/zap.sh less more
0 #!/bin/bash
1 ###
2 ## Faraday Penetration Test IDE
3 ## Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
4 ## See the file 'doc/LICENSE' for the license information
5 ###
6
7 while read h; do
8 NAME="zap_$(date +%s).xml"
9 echo ./plugin/zap.py --target $h --output $2$NAME
10 ./plugin/zap.py --target $h --output $2$NAME
11 done <$1
+0
-1
scripts/cscan/websites.txt less more
0 http://localhost:80
+0
-62
scripts/fix_vulnweb_without_service.py less more
0 import faraday.server.config
1 from faraday.server.models import (
2 Host,
3 Service,
4 Workspace,
5 VulnerabilityWeb,
6 )
7
8 import sys
9 from datetime import datetime
10 from sqlalchemy import create_engine, text
11 from sqlalchemy.orm import sessionmaker
12
13
14 def change_vulns(affected_vulns, workspace):
15 vulns_id = []
16 for vuln in affected_vulns:
17 assert vuln.service_id == None and vuln.type == 'vulnerability_web'
18 session.execute(text("""
19 UPDATE vulnerability SET type=\'vulnerability\' where id= :affected_vuln_id ;
20 """), {'affected_vuln_id': vuln.id})
21
22 vulns_id.append(vuln.id)
23 session.commit()
24
25 print("[+] {vulns_length} vulnerabilities changed in workspace named {ws_name}"
26 .format(vulns_length=len(affected_vulns),
27 ws_name=workspace.name))
28 print(" Vulnerabilities ID: {ids}".format(ids=vulns_id))
29
30
31 conn_string = faraday.server.config.database.connection_string
32 engine = create_engine(conn_string)
33 Session = sessionmaker(bind=engine)
34 session = Session()
35
36 workspaces = session.query(Workspace)
37
38 log_file = 'fix_vulnweb_without_service_logs.log'
39 with open(log_file, 'a') as log:
40 date_executed = 'Script executed at {}\n'.format(datetime.now().strftime("%m-%d-%Y %H:%M"))
41 log.write(date_executed)
42
43 # Redirect prints to log file
44 orig_stdout = sys.stdout
45 sys.stdout = log
46
47 for ws in workspaces.all():
48 vulns_web = session.query(VulnerabilityWeb).filter_by(workspace_id=ws.id, service_id=None)
49 if vulns_web.all():
50 change_vulns(vulns_web.all(), ws)
51 else:
52 print("[-] No vulnerabilities to change in workspace named {ws_name}".format(ws_name=ws.name))
53
54 sys.stdout = orig_stdout
55
56 # Print log file
57 with open(log_file, 'r') as log:
58 print(log.read())
59
60 print("Logs saved in file named {}".format(log_file))
61 # I'm Py3
+0
-106
scripts/reposify/reposify.py less more
0 #!/usr/bin/env python
1 '''
2 Faraday Penetration Test IDE
3 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
4 See the file 'doc/LICENSE' for the license information
5
6 '''
7 import sys
8 import xmlrpc.client
9 import argparse
10 import base64
11
12 from reposify_api import *
13
14 __author__ = "Reposify"
15 __version__ = "1.0.0"
16 __email__ = "[email protected]"
17 __status__ = "Development"
18
19
20 def strip_non_ascii(string):
21 ''' Returns the string without non ASCII characters'''
22 stripped = (c for c in string if 0 < ord(c) < 127)
23 return ''.join(stripped)
24
25 def send_faraday(results):
26 for device in results['devices']:
27 send_faraday_device(device)
28
29
30 def send_faraday_device(result):
31 print('IP: %s' % result['ip_address'])
32
33 if args.debug == "1":
34 print('===============')
35 for key in result.keys():
36 print("kname:" + key + ", value:" + str(result[key]))
37
38 h_id = api.createAndAddHost(str(result['ip_address']))
39 i_id = api.createAndAddInterface(h_id,str(result['ip_address']),"00:00:00:00:00:00", str(result['ip_address']), "0.0.0.0", "0.0.0.0",[],
40 "0000:0000:0000:0000:0000:0000:0000:0000","00","0000:0000:0000:0000:0000:0000:0000:0000",
41 [],"",result['domain'] if result['domain'] is not None else [])
42
43 for service in result['services']:
44 s_id = api.createAndAddServiceToInterface(h_id, i_id, str(service['name']) if service.has_key('name') else str(service['port']),
45 "tcp",[int(service['port'])],"open",str(service['version']) if service.has_key('version') else "")
46 if service['banner'] is not None:
47 service['banner'] = base64.b64encode(strip_non_ascii(str(service['banner']))) #fix: to avoid non ascii caracters
48
49 if service['banner'] is not None:
50 n_id = api.createAndAddNoteToService(h_id,s_id,"banner",str(service['banner']))
51
52 #Notes - Information geo/shadon
53 n_id = api.createAndAddNoteToHost(h_id,"geo_country",result['location']['country_name'] if result['location']['country_name'] is not None else "" )
54 n_id = api.createAndAddNoteToHost(h_id,"geo_latitude",str(result['location']['latitude']) if result['location']['latitude'] is not None else "")
55 n_id = api.createAndAddNoteToHost(h_id,"geo_longitude",str(result['location']['longitude']) if result['location']['longitude'] is not None else "")
56 n_id = api.createAndAddNoteToHost(h_id,"reposify_search_banner",args.reposify_banner)
57 n_id = api.createAndAddNoteToHost(h_id,"reposify_search_filters",args.reposify_filters)
58
59 # Input validation
60
61 #arguments parser
62 parser = argparse.ArgumentParser(prog='reposify_faraday', epilog="Example: ./%(prog)s.py -q Apache")
63 parser.add_argument('-b', '--banner', action="store", type=str, required=False, dest='reposify_banner', help='reposify search banner')
64 parser.add_argument('-f', '--filters', action="store", type=str, required=False, dest='reposify_filters', help='reposify search filter')
65 parser.add_argument('-c', '--count', action="store", type=str, required=False, dest='count', default="1", help='Numbers of pages of results to get')
66 parser.add_argument('-a', '--reposify_key', action="store", type=str, required=True, dest='skey', help='reposify key api')
67 parser.add_argument('--faradayapi', '-fapi', action='store', type=str, dest='faradayapi', default="http://127.0.0.1:9876/", help='Faraday URL Api')
68 parser.add_argument('--debug', '-d', action='store', type=str, dest='debug', default="0", help='Debug <0>,<1>')
69 parser.add_argument('--version', "-v", action='version', version='%(prog)s v1.1')
70
71 #arguments put in variables
72 args = parser.parse_args()
73
74 try:
75 # Setup the apis
76 api = xmlrpc.client.ServerProxy(args.faradayapi)
77
78 results = reposify_search(args.skey, args.reposify_banner, args.reposify_filters, 1)
79 print('Results found: %s, banner "%s", filters "%s' % (results['total_count'], args.reposify_banner, args.reposify_filters))
80 send_faraday(results)
81
82 if results['pagination']['has_more'] == True:
83 for c_page in range(1,int(args.count)):
84 results = reposify_search(args.skey, args.reposify_banner, args.reposify_filters, c_page + 1)
85 send_faraday(results)
86 if results['pagination']['has_more'] != True:
87 break;
88
89 except xmlrpc.client.ProtocolError as e:
90 if e.errcode == 500:
91 print("[ERROR] Faraday Api error:", sys.exc_info()[0])
92 pass
93 else:
94 print("[ERROR] Unexpected error:", sys.exc_info()[0])
95 print(e.__dict__)
96 raise
97
98 except Exception as e:
99 print("Unexpected error:", sys.exc_info()[0])
100 print(e.__dict__)
101 raise
102
103
104
105 # I'm Py3
+0
-75
scripts/reposify/reposify_api.py less more
0 '''
1 Faraday Penetration Test IDE
2 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
3 See the file 'doc/LICENSE' for the license information
4
5 '''
6
7 import requests
8 import simplejson
9
10 def api_request(key, function, params=None, data=None, base_url='https://api.reposify.com', method='get', retries=1):
11 """General-purpose function to create web requests to REPOSIFY.
12
13 Arguments:
14 function -- name of the function you want to execute
15 params -- dictionary of parameters for the function
16
17 Returns
18 A dictionary containing the function's results.
19
20 """
21 # Add the API key parameter automatically
22 params['token'] = key
23
24 # Send the request
25 tries = 0
26 error = False
27 while tries <= retries:
28 try:
29 if method.lower() == 'post':
30 data = requests.post(base_url + function, simplejson.dumps(data), params=params, headers={'content-type': 'application/json'})
31 elif method.lower() == 'delete':
32 data = requests.delete(base_url + function, params=params)
33 else:
34 data = requests.get(base_url + function, params=params)
35
36 # Exit out of the loop
37 break
38 except:
39 error = True
40 tries += 1
41
42 if error and tries >= retries:
43 raise APIError('Unable to connect to Reposify')
44
45 # Check that the API key wasn't rejected
46 if data.status_code == 401:
47 try:
48 raise APIError(data.json()['error'])
49 except:
50 pass
51 raise APIError('Invalid API key')
52
53 # Parse the text into JSON
54 try:
55 data = data.json()
56 except:
57 raise APIError('Unable to parse JSON response')
58
59 # Raise an exception if an error occurred
60 if type(data) == dict and data.get('error', None):
61 raise APIError(data['error'])
62
63 # Return the data
64 return data
65
66 def reposify_search(key, banner, filters, page):
67 params = {'page' : page }
68 if banner is not None:
69 params['banner'] = banner
70 if filters is not None:
71 params['filters'] = filters
72 res = api_request(key, '/v1/insights/search', params, None, 'https://api.reposify.com', 'get', 1)
73 return res
74 # I'm Py3
+0
-108
scripts/shodan_faraday.py less more
0 #!/usr/bin/env python
1 '''
2 Faraday Penetration Test IDE
3 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
4 See the file 'doc/LICENSE' for the license information
5
6 '''
7
8 import shodan
9 import sys
10 import xmlrpc.client
11 import argparse
12 import base64
13
14 __author__ = "Francisco Amato"
15 __copyright__ = "Copyright 2014, Faraday Project"
16 __credits__ = ["Francisco Amato"]
17 __license__ = ""
18 __version__ = "1.0.2"
19 __maintainer__ = "Francisco Amato"
20 __email__ = "[email protected]"
21 __status__ = "Development"
22
23 # Configuration
24 SHODAN_API_KEY = ""
25
26 def strip_non_ascii(string):
27 ''' Returns the string without non ASCII characters'''
28 stripped = (c for c in string if 0 < ord(c) < 127)
29 return ''.join(stripped)
30
31 def send_faraday(result):
32 print('IP: %s' % result['ip_str'])
33
34 if result['data'] is not None:
35 result['data'] = base64.b64encode(str(strip_non_ascii(result['data']))) #fix: to avoid non ascii caracters
36 if args.debug == "1":
37 print('===============')
38 for key in result.keys():
39 print("kname:" + key + ", value:" + str(result[key]))
40
41 h_id = api.createAndAddHost(str(result['ip_str']),str(result['os']) if result['os'] is not None else "")
42 #i_id = api.createAndAddInterface(h_id,str(result['ip_str']),"00:00:00:00:00:00", str(result['ip_str']), "0.0.0.0", "0.0.0.0",[],
43 # "0000:0000:0000:0000:0000:0000:0000:0000","00","0000:0000:0000:0000:0000:0000:0000:0000",
44 # [],"",result['hostnames'] if result['hostnames'] is not None else [])
45 s_id = api.createAndAddServiceToHost(h_id, str(result['product']) if result.has_key('product') else str(result['port']),
46 "tcp",[str(result['port'])],"open",str(result['version']) if result.has_key('version') else "")
47
48 if result['data'] is not None:
49 n_id = api.createAndAddNoteToService(h_id, s_id, "shadon_response", str(result['data']))
50
51 #Notes - Information geo/shadon
52 n_id = api.createAndAddNoteToHost(h_id, "geo_country", result['location']['country_name'] if result['location']['country_name'] is not None else "" )
53 n_id = api.createAndAddNoteToHost(h_id, "geo_latitude", result['location']['latitude'] if result['location']['latitude'] is not None else "")
54 n_id = api.createAndAddNoteToHost(h_id, "geo_longitude", result['location']['longitude'] if result['location']['longitude'] is not None else "")
55 n_id = api.createAndAddNoteToHost(h_id, "shadon_q", args.shodan_query)
56
57 # Input validation
58
59 #arguments parser
60 parser = argparse.ArgumentParser(prog='shodan_faraday', epilog="Example: ./%(prog)s.py -q Apache")
61 parser.add_argument('-q', '--query', action="store", type=str, required=True, dest='shodan_query', help='shadon search query')
62 parser.add_argument('-c', '--count', action="store", type=str, required=False, dest='count', default="50", help='Numbers of results to get, for all results use "all"')
63 parser.add_argument('-a', '--shodan_key', action="store", type=str, dest='skey', default=SHODAN_API_KEY, help='shodan key api')
64 parser.add_argument('--faradayapi', '-fapi', action='store', type=str, dest='faradayapi', default="http://127.0.0.1:9876/", help='Faraday URL Api')
65 parser.add_argument('--debug', '-d', action='store', type=str, dest='debug', default="0", help='Debug <0>,<1>')
66 parser.add_argument('--version', "-v", action='version', version='%(prog)s v1.1')
67
68 #arguments put in variables
69 args = parser.parse_args()
70
71 try:
72 # Setup the apis
73 api = xmlrpc.client.ServerProxy(args.faradayapi)
74 shodan_api = shodan.Shodan(args.skey)
75 c_page=1
76
77 results = shodan_api.search(args.shodan_query)
78 print('Results found: %s, query "%s"' % (results['total'], args.shodan_query))
79
80 for r in shodan_api.search_cursor(args.shodan_query, minify=True, retries=5):
81 if args.count != "all" and c_page >= int(args.count):
82 break
83
84 send_faraday(r)
85 c_page+=1
86
87
88 except xmlrpc.client.ProtocolError as e:
89 if e.errcode == 500:
90 print("[ERROR] Faraday Api error:", sys.exc_info()[0])
91 pass
92 else:
93 print("[ERROR] Unexpected error:", sys.exc_info()[0])
94 print(e.__dict__)
95 raise
96 except shodan.client.APIError as e:
97 print("[ERROR] :", sys.exc_info()[0])
98 raise
99
100 except Exception as e:
101 print("Unexpected error:", sys.exc_info()[0])
102 print(e.__dict__)
103 raise
104
105
106
107 # I'm Py3
+0
-252
scripts/shodan_strings/router.txt less more
0 ###
1 ## Faraday Penetration Test IDE
2 ## Copyright (C) 2014 Infobyte LLC (http://www.infobytesec.com/)
3 ## See the file 'doc/LICENSE' for the license information
4 ###
5 # Version 1.0.0
6 110TC2
7 16NX073012001
8 16NX080112001
9 16NX080112002
10 16NX081412001
11 16NX081812001
12 410TC1
13 450TC1
14 450TC2
15 480TC1
16 AAM6000EV/Z2
17 AAM6010EV
18 AAM6010EV/Z2
19 AAM6010EV-Z2
20 AAM6020BI
21 AAM6020BI-Z2
22 AAM6020VI/Z2
23 AD3000W
24 ADSL Modem
25 ADSL Modem/Router
26 ADSL
27 AirLive ARM201
28 AirLive ARM-204
29 AirLive ARM-204 Annex A
30 AirLive ARM-204 Annex B
31 AirLive WT-2000ARM
32 AirLive WT-2000ARM Annex A
33 AirLive WT-2000ARM Annex B
34 AMG1001-T10A
35 APPADSL2+
36 APPADSL2V1
37 AR-7182WnA
38 AR-7182WnB
39 AR-7186WnA/B
40 AR-7286WNA
41 AR-7286WnB
42 Arcor-DSL WLAN-Modem 100
43 Arcor-DSL WLAN-Modem 200
44 AZ-D140W
45 Billion Sky
46 BiPAC 5102C
47 BiPAC 5102S
48 BiPAC 5200S
49 BIPAC-5100 ADSL
50 BLR-TX4L
51 BW554
52 C300APRA2+
53 Compact ADSL2+
54 D-5546
55 D-7704G
56 Delsa Telecommunication
57 D-Link_DSL-2730R
58 DM 856W
59 DSL-2110W
60 DSL-2120
61 DSL-2140
62 DSL-2140W
63 DSL-2520U
64 DSL-2520U_Z2
65 DSL-2600U
66 DSL-2640R
67 DSL-2641R
68 DSL-2680
69 DSL-2740R
70 DSL-320B
71 DSL-321B
72 DSL-3680
73 DT 815
74 DT 820
75 DT 845W
76 DT 850W
77 DWR-TC14 ADSL Modem
78 EchoLife HG520s
79 EchoLife Home Gateway
80 EchoLife Portal de Inicio
81 GO-DSL-N151
82 HB-150N
83 HB-ADSL-150N
84 Hexabyte ADSL
85 Home Gateway
86 iB-LR6111A
87 iB-WR6111A
88 iB-WR7011A
89 iB-WRA150N
90 iB-WRA300N
91 iB-WRA300N3G
92 IES1248-51
93 KN.3N
94 KN.4N
95 KR.KQ
96 KR.KS
97 KR.XL
98 KR.XM
99 KR.XM\t
100 KR.YL
101 Linksys BEFDSR41W
102 LW-WAR2
103 M-101A
104 M-101B
105 M-200 A
106 M-200 B
107 MN-WR542T
108 MS8-8817
109 MT800u-T ADSL
110 MT880r-T ADSL
111 MT882r-T ADSL
112 MT886
113 mtnlbroadband
114 NetBox NX2-R150
115 Netcomm NB14
116 Netcomm NB14Wn
117 NP-BBRsx
118 OMNI ADSL LAN EE(Annex A)
119 P202H DSS1
120 P653HWI-11
121 P653HWI-13
122 P-660H-D1
123 P-660H-T1 v3s
124 P-660H-T3 v3s
125 P-660HW-D1
126 P-660R-D1
127 P-660R-T1
128 P-660R-T1 v3
129 P-660R-T1 v3s
130 P-660R-T3 v3
131 P-660R-T3 v3s
132 P-660RU-T1
133 P-660RU-T1 v3
134 P-660RU-T1 v3s
135 P-660RU-T3 v3s
136 PA-R11T
137 PA-W40T-54G
138 Cerberus P 6311-072
139 PL-DSL1
140 PN-54WADSL2
141 PN-ADSL101E
142 Portal de Inicio
143 POSTEF-8840
144 POSTEF-8880
145 Prestige 623ME-T1
146 Prestige 623ME-T3
147 Prestige 623R-A1
148 Prestige 623R-T1
149 Prestige 623R-T3
150 Prestige 645
151 Prestige 645R-A1
152 Prestige 650
153 Prestige 650H/HW-31
154 Prestige 650H/HW-33
155 Prestige 650H-17
156 Prestige 650H-E1
157 Prestige 650H-E3
158 Prestige 650H-E7
159 Prestige 650HW-11
160 Prestige 650HW-13
161 Prestige 650HW-31
162 Prestige 650HW-33
163 Prestige 650HW-37
164 Prestige 650R-11
165 Prestige 650R-13
166 Prestige 650R-31
167 Prestige 650R-33
168 Prestige 650R-E1
169 Prestige 650R-E3
170 Prestige 650R-T3
171 Prestige 652H/HW-31
172 Prestige 652H/HW-33
173 Prestige 652H/HW-37
174 Prestige 652R-11
175 Prestige 652R-13
176 Prestige 660H-61
177 Prestige 660HW-61
178 Prestige 660HW-67
179 Prestige 660R-61
180 Prestige 660R-61C
181 Prestige 660R-63
182 Prestige 660R-63/67
183 Prestige 791R
184 Prestige 792H
185 RAWRB1001
186 RE033
187 RTA7020
188 RWS54
189 SG-1250
190 SG-1500
191 SmartAX
192 SmartAX MT880
193 SmartAX MT882
194 SmartAX MT882r-T
195 SmartAX MT882u
196 Sterlite
197 Sweex MO300
198 T514
199 TD811
200 TD821
201 TD841
202 TD854W
203 TD-8616
204 TD-8811
205 TD-8816
206 TD-8816 1.0
207 TD-8816 2.0
208 TD-8816B
209 TD-8817
210 TD-8817 1.0
211 TD-8817 2.0
212 TD-8817B
213 TD-8820
214 TD-8820 1.0
215 TD-8840T
216 TD-8840T 2.0
217 TD-8840TB
218 TD-W8101G
219 TD-W8151N
220 TD-W8901G
221 TD-W8901G 3.0
222 TD-W8901GB
223 TD-W8901N
224 TD-W8951NB
225 TD-W8951ND
226 TD-W8961N
227 TD-W8961NB
228 TD-W8961ND
229 T-KD318-W
230 TrendChip ADSL
231 UM-A+ Asotel
232 Vodafone ADSL
233 vx811r
234 WA3002-g1
235 WA3002G4
236 WA3002-g4
237 WBR-3601
238 WebShare 111 WN
239 WebShare 141 WN
240 WebShare 141 WN+
241 Wireless ADSL Modem/Router
242 Wireless-N 150Mbps ADSL
243 Router
244 ZXDSL 831CII
245 ZXDSL 831II
246 ZXHN H108L
247 ZXV10 W300
248 ZXV10 W300B
249 ZXV10 W300D
250 ZXV10 W300E
251 ZXV10 W300S
+0
-73
scripts/shodan_strings/scada.txt less more
0 ###
1 ## Faraday Penetration Test IDE
2 ## Copyright (C) 2014 Infobyte LLC (http://www.infobytesec.com/)
3 ## See the file 'doc/LICENSE' for the license information
4 ###
5 # Version 1.0.0
6 title:scada
7 modicon
8 VxWorks
9 title:ISC Scada
10 flexim
11 plc
12 port:161 simatic
13 Moxa
14 Simatic+S7
15 Portal0000
16 powered by SpiderControl TM
17 niagara_audit -login
18 AKCP
19 schneider
20 port:44818
21 Z-World Rabbit 200 OK
22 EIG Embedded Web Server
23 iq3
24 THUS plc
25 title:phasefale
26 Stulz GmbH Klimatechnik
27 enteliTOUCH
28 HMI, XP277
29 title:adcon
30 wince Content-Length:12581
31 honeywell Excel
32 honeywell BNA
33 Console terminal type
34 CLP
35 GoAhead-Webs InitialPage.asp
36 RuggedCom
37 Bacnet
38 200 OK i.LON
39 enterasys
40 serverview
41 IPC@CHIP title:Start
42 Schleifenbauer
43 SCHNEIDER TSX ETG3021
44 Simatic -S7 HMI
45 Simatic -S7 -HMI
46 Jetty 3.1.8 (Windows 2000 5.0 x86) 200 OK
47 A850+Telemetry+Gateway
48 ABB+Webmodule
49 Allen-Bradley
50 /BroadWeb/
51 Cimetrics+Eplus+Web+Server
52 CIMPLICITY
53 CitectSCADA
54 EIG+Embedded+Web+Server
55 eiPortal
56 EnergyICT
57 ioLogik
58 Modbus+Bridge
59 ModbusGW
60 Modicon+M340+CPU
61 Niagara+Web+Server
62 NovaTech+HTTPD
63 Powerlink
64 Reliance+4+Control+Server
65 RTS+Scada
66 RTU560
67 SIMATIC+NET
68 Simatic+S7
69 SoftPLC
70 TAC/Xenta
71 WAGO
72 webSCADA-Modbus
+0
-33
scripts/shodan_strings/webcam.txt less more
0 ###
1 ## Faraday Penetration Test IDE
2 ## Copyright (C) 2014 Infobyte LLC (http://www.infobytesec.com/)
3 ## See the file 'doc/LICENSE' for the license information
4 ###
5 # Version 1.0.0
6 Server:SQ-WEBCAM
7 Basic realm="logitec"
8 webcamxp
9 Axis+camera
10 Axis+video
11 Grandstream
12 IQinVision
13 Mobotix
14 Panasonic AVC Server
15 Samsung camera
16 TRENDnet
17 Vivotek
18 netcam
19 axis-cgi/jpg
20 view/index.shtml
21 Boa+ipcam
22 d-Link Internet Camera
23 Server: GeoHttpServer
24 imagiatek+ipcam
25 title:"IP CAMERA Viewer" Content-Length: 703
26 title:"DCS" camera
27 LNE3003 Wireless IP Camera
28 FlexiDome
29 title:"RPi Cam Control"
30 title:"WVC210 Wireless-G PTZ Internet Camera with Audio"
31 title:"WV"+Camera
32 airlive aircam
+0
-300
scripts/sslcheck.py less more
0 #!/usr/bin/env python3
1 '''
2 Faraday Penetration Test IDE
3 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
4 See the file 'doc/LICENSE' for the license information
5
6 '''
7
8 #libraries
9 import subprocess
10 import argparse
11 import re
12 import sys
13 import xml.etree.cElementTree as ET
14
15 if subprocess.call("openssl version", shell=True, stdout=subprocess.PIPE):
16 sys.stderr.write("[+]OpenSSL package needed\n")
17 exit(1)
18
19 program_options = ('key', 'ren', 'sign', 'serv', 'cyph', 'forw', 'heart', 'crime', 'all')
20 openssl_protocols = {'ssl3':'SSLv3',
21 'tls1':'TLSv1',
22 'tls1_1':'TLSv1.1',
23 'tls1_2':'TLSv1.2'}
24 openssl_insecure_cyphers = {'RC','MD5','MD4','MD2','SHA0','SHA1', 'NULL','aNULL',
25 'eNULL','ADH','EXP','DES','LOW','PSK','SRP','DSS'}
26 openssl_cyphers = subprocess.check_output("openssl ciphers 'ALL:eNULL'",shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE).split(":")
27
28 parser = argparse.ArgumentParser(prog='SensorProbeClient', epilog="Scan availables: | KeySize: key | Signature Cipher: sign |Renegotiation: ren | Services available: serv | Cypher availables: cyph | Forward Secrecy: forw | Heartbleed test: heart | Crime test: crime")
29 parser.add_argument('-r', action="store", type=str, choices=program_options, dest='choice', default="all", nargs='+', help='store the scan(s) requested by the users')
30 parser.add_argument('--port', '-port', action="store", type=int, dest='port', default="443", help='store the port to scan')
31 parser.add_argument('--xml', '-xml', action='store', type=str, dest='xmloutput', help='enabled the XML output in a specified file')
32 parser.add_argument('host', nargs='+', type=str, help='store the target\'s host address (domain name or ipv4) separated by a space')
33 parser.add_argument('--version', "-v", action='version', version='%(prog)s v1.0 by Morgan Lemarechal')
34
35 args = parser.parse_args()
36
37 def connection_test(host,port):
38 for i in range(1,6):
39 try:
40 subprocess.check_output("openssl s_client -connect {}:{} < /dev/null".format(host,port), shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
41 return
42 except subprocess.CalledProcessError:
43 print("[+]Connection failed... [ {} / 5 ]".format(i))
44 print("[+]Connection to the host impossible")
45 exit(1)
46
47 def basic_connect(host,port):
48 result = subprocess.check_output("openssl s_client -connect {}:{} < /dev/null".format(host,port), shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
49 return result.split("\n")
50
51 def complex_connect(host,port):
52 result = ""
53 for sprotocol, protocol in openssl_protocols.items():
54 try:
55 result += subprocess.check_output("openssl s_client -{} -connect {}:{} < /dev/null".format(sprotocol,host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
56 except subprocess.CalledProcessError:
57 #-----------------------------------XML_Export-----------------------------------#
58 if args.xmloutput:
59 protocolx = ET.SubElement(scan, protocol)
60 protocolx.text="no"
61 #-----------------------------------XML_Export-----------------------------------#
62 if protocol == "TLSv1.1" or protocol == "TLSv1.2":
63 print(" \033[0;41m{} not supported\033[0m".format(protocol))
64 else:
65 print(" {} not supported".format(protocol))
66 return result.split("\n")
67 def tlsdebug_connect(host,port):
68 result = subprocess.check_output("openssl s_client -tlsextdebug -connect {}:{} < /dev/null".format(host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
69 return result.split("\n")
70
71 def sign_connect(host,port):
72 signScript = """
73 echo "HEAD / HTTP/1.0
74 EOT
75 " \
76 | openssl s_client -connect {}:{} 2>&1 \
77 | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' \
78 | openssl x509 -noout -text -certopt no_signame""".format(host,port)
79 result = subprocess.check_output("{}".format(signScript),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
80 return result.split("\n")
81
82 def cypher_connect(host,port):
83 result = ""
84 for cyph in openssl_cyphers:
85 try:
86 result += subprocess.check_output("openssl s_client -cipher {} -connect {}:{} < /dev/null".format(cyph,host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
87 except subprocess.CalledProcessError:
88 pass
89 return result.split("\n")
90
91 def forward_connect(host,port):
92 result = ""
93 try:
94 result = subprocess.check_output("openssl s_client -cipher EDH,EECDH -connect {}:{} < /dev/null".format(host,port),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
95 except subprocess.CalledProcessError:
96 #-----------------------------------XML_Export-----------------------------------#
97 if args.xmloutput:
98 forward_secrecy = ET.SubElement(scan, "forward_secrecy")
99 forward_secrecy.text="no"
100 #-----------------------------------XML_Export-----------------------------------#
101 print("\033[0;41m[+]Forward Secrecy not supported\033[0m")
102 return result.split("\n")
103
104 def key_check(host,port):
105 for line in basic_connect(host,port):
106 if "Server public key is" in line:
107 #-----------------------------------XML_Export-----------------------------------#
108 if args.xmloutput:
109 key_size = ET.SubElement(scan, "key")
110 key_size.text = str(re.findall(r'\d+', line)[0])
111 #-----------------------------------XML_Export-----------------------------------#
112 print("[+]{}\n".format(line))
113 if int(re.findall(r'\d+', line)[0]) < 2048:
114 print ("\033[0;41m[+]Insecure key size, it must be higher than 2048 bits\033[0m")
115 return
116
117 def ren_check(host,port):
118 for line in basic_connect(host,port):
119 if "Secure Renegotiation" in line:
120 if "IS NOT supported" in line:
121 #-----------------------------------XML_Export-----------------------------------#
122 if args.xmloutput:
123 renegotiation = ET.SubElement(scan, "renegotiation")
124 renegotiation.text="no"
125 #-----------------------------------XML_Export-----------------------------------#
126 print("\033[0;41m[+]Secure renegotiation not supported\033[0m")
127 else:
128 #-----------------------------------XML_Export-----------------------------------#
129 if args.xmloutput:
130 renegotiation = ET.SubElement(scan, "renegotiation")
131 renegotiation.text="yes"
132 #-----------------------------------XML_Export-----------------------------------#
133 print("[+]"+line)
134 return
135
136
137 def sign_check(host,port):
138 for line in sign_connect(host,port):
139 if "Signature Algorithm" in line:
140 insecure = False
141 for insecure_cypher in openssl_insecure_cyphers:
142 if insecure_cypher in line or insecure_cypher.upper() in line or insecure_cypher.lower() in line:
143 insecure = True
144 print("\033[0;41m[+]{}\033[0m\n".format(line.replace(" ","")))
145 #-----------------------------------XML_Export-----------------------------------#
146 if args.xmloutput:
147 signature_cipher = ET.SubElement(scan, line.replace(" Signature Algorithm: ",""))
148 signature_cipher.text = "signature insecure"
149 #-----------------------------------XML_Export-----------------------------------#
150 break
151 if not insecure:
152 #-----------------------------------XML_Export-----------------------------------#
153 if args.xmloutput:
154 signature_cipher = ET.SubElement(scan, line.replace(" Signature Algorithm: ",""))
155 signature_cipher.text = "signature secure"
156 #-----------------------------------XML_Export-----------------------------------#
157 print("[+]"+line.replace(" ",""))
158
159 def serv_check(host,port):
160 print("[+]Protocols supported by the server:")
161 for line in complex_connect(host,port):
162 for i,protocol in enumerate(openssl_protocols):
163 if line.endswith(openssl_protocols[protocol]):
164 if openssl_protocols[protocol] == "SSLv3" or openssl_protocols[protocol] == "TLSv1":
165 print(" \033[0;41m"+openssl_protocols[protocol])
166 else:
167 print(" "+openssl_protocols[protocol])
168 #-----------------------------------XML_Export-----------------------------------#
169 if args.xmloutput:
170 protocolx = ET.SubElement(scan, openssl_protocols[protocol])
171 protocolx.text="yes"
172 #-----------------------------------XML_Export-----------------------------------#
173 if "Cipher " in line:
174 print("|| Default cipher:{}\033[0m".format(line.replace(" Cipher : ","").replace("0000","")))
175
176 def cyph_check(host,port):
177 print("[+]Ciphers supported by the server (it may takes a minute):")
178 for line in cypher_connect(host,port):
179 if "Cipher : " in line:
180 insecure = False
181 for insecure_cypher in openssl_insecure_cyphers:
182 if insecure_cypher in line or insecure_cypher.upper() in line or insecure_cypher.lower() in line:
183 #-----------------------------------XML_Export-----------------------------------#
184 if args.xmloutput:
185 cypher = ET.SubElement(scan, line.replace(" Cipher : ",""))
186 cypher.text = "insecure"
187 #-----------------------------------XML_Export-----------------------------------#
188 print(" \033[0;41m{}\033[0m\n".format(line.replace(" Cipher : ","Supported cipher suite: [INSECURE] ")))
189 insecure = True
190 break
191 if not insecure:
192 #-----------------------------------XML_Export-----------------------------------#
193 if args.xmloutput:
194 cypher = ET.SubElement(scan, line.replace(" Cipher : ",""))
195 cypher.text = "secure"
196 #-----------------------------------XML_Export-----------------------------------#
197 print(line.replace(" Cipher : "," Supported cipher suite: [SECURE] "))
198
199 def forw_check(host,port):
200 for line in forward_connect(host,port):
201 if "Cipher : " in line:
202 #-----------------------------------XML_Export-----------------------------------#
203 if args.xmloutput:
204 forward_secrecy = ET.SubElement(scan, "forward_secrecy")
205 forward_secrecy.text="yes"
206 #-----------------------------------XML_Export-----------------------------------#
207 print("[+]{} (prefered)".format(line.replace(" Cipher : ","Forward Secrecy supported: ")))
208 return
209
210 def heart_check(host,port):
211 for line in tlsdebug_connect(host,port):
212 if "TLS server extension heartbeat" in line :
213 #-----------------------------------XML_Export-----------------------------------#
214 if args.xmloutput:
215 heartbeat = ET.SubElement(scan, "heartbeat")
216 heartbeat.text = "yes"
217 #-----------------------------------XML_Export-----------------------------------#
218 print("\033[0;41m[+]Heartbeat extension vulnerable\033[0m")
219 return;
220 #-----------------------------------XML_Export-----------------------------------#
221 if args.xmloutput:
222 heartbeat = ET.SubElement(scan, "heartbeat")
223 heartbeat.text = "no"
224 #-----------------------------------XML_Export-----------------------------------#
225 print("[+]Heartbeat extension disabled")
226
227 def crime_check(host,port):
228 for line in basic_connect(host,port):
229 if "Compression: NONE" in line:
230 #-----------------------------------XML_Export-----------------------------------#
231 if args.xmloutput:
232 crime = ET.SubElement(scan, "crime")
233 crime.text = "no"
234 #-----------------------------------XML_Export-----------------------------------#
235 print("[+]Compression disabled, CRIME is prevented")
236 return
237 elif "Compression: " in line:
238 #-----------------------------------XML_Export-----------------------------------#
239 if args.xmloutput:
240 crime = ET.SubElement(scan, "crime")
241 crime.text = "yes"
242 #-----------------------------------XML_Export-----------------------------------#
243 print("\033[0;41m[+]Potentially vulnerable to CRIME:{}\033[0m").format(line)
244 return
245
246 print("""\n\033[0;33m
247 ___ ___ _ ___ _ _
248 / __/ __| | / __| |_ ___ __| |_
249 \__ \__ \ |_| (__| ' \/ -_) _| / /
250 |___/___/____\___|_||_\___\__|_\_\ \033[0m
251
252 Version v1.0: November 2014
253 Morgan Lemarechal\n""")
254
255 if args.xmloutput:
256 root = ET.Element("sslcheck")
257
258 for host in args.host:
259
260 if re.match(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$",host):
261 host_ip = host
262 host_name = ""
263 #host_name = subprocess.check_output("dig -x {} +short|sed 's/\.$//g'".format(host),shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE).rstrip()
264 print("[+]Perfoming the scan of {}".format(host_ip))
265 else:
266 host_name = host
267 host_ip = subprocess.check_output("nslookup "+host+" | tail -2 | head -1|awk '{print $2}'",shell=True, stdin=subprocess.PIPE, stderr=subprocess.PIPE).rstrip()
268 print("[+]Perfoming the scan of {}|{}".format(host_name,host_ip))
269
270 try:
271 #-----------------------------------XML_Export-----------------------------------#
272 if args.xmloutput:
273 scan = ET.SubElement(root, "scan")
274 scan.set('host',host_ip)
275 scan.set('port',str(args.port))
276 scan.set('hostname',host_name)
277 #-----------------------------------XML_Export-----------------------------------#
278 connection_test(host,args.port)
279 for scanning in program_options:
280 if args.choice == "all" or scanning in args.choice:
281 if not scanning == "all":
282 action = scanning+"_check"
283 globals()[action](host,args.port)
284
285 except KeyboardInterrupt:
286 print("[+]Interrupting SSLcheck...")
287 exit(1)
288
289 #-----------------------------------XML_Export-----------------------------------#
290 if args.xmloutput:
291 tree = ET.ElementTree(root)
292 try:
293 fo = open(args.xmloutput, "w")
294 tree.write(fo)
295 fo.close()
296 except IOError:
297 sys.exit('\033[0;41m[+]XML export failed.\033[0m')
298 #-----------------------------------XML_Export-----------------------------------#
299 # I'm Py3
+0
-131
scripts/wcscan.py less more
0 #!/usr/bin/env python
1 # -*- coding: utf-8 -*-
2 '''
3 Faraday Penetration Test IDE
4 Copyright (C) 2015 Infobyte LLC (http://www.infobytesec.com/)
5 See the file 'doc/LICENSE' for the license information
6
7 '''
8
9 import subprocess
10 import argparse
11 from lxml import etree as ET
12 import os.path
13 from os.path import basename
14 import re
15
16 from wcscans import phpini, webconfig
17
18 def is_valid_address(parser,arg):
19 if re.match(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$",arg):
20 return arg
21 else:
22 parser.error('{} is not a valid address!'.format(arg))
23
24 def are_valid_files(parser,*args):
25 for arg in args:
26 return is_valid_file(parser, arg)
27
28 def is_valid_file(parser, arg):
29 if not os.path.isfile(arg):
30 parser.error('{} does not exist!'.format(arg))
31 else:
32 try:
33 if re.search("XML",subprocess.check_output("file {}".format(arg),
34 shell=True,
35 stdin=subprocess.PIPE,
36 stderr=subprocess.PIPE)):
37 if not os.path.isfile("wcscans/DotNetConfig.xsd"):
38 parser.error("DotNetConfig.xsd is missing, cannot validate the web.config".format(arg))
39 else:
40 f = open("wcscans/DotNetConfig.xsd","r")
41 webconfig_schema = ET.XMLSchema(ET.parse(f))
42 webconfig_schema.validate(ET.parse(arg))
43
44 if re.search("\.ini$",arg):
45 pass
46
47 return arg
48 except ET.ParseError:
49 parser.error("{} is not a valid file!".format(arg))
50
51 parser = argparse.ArgumentParser(prog='Wcscan')
52 parser.add_argument('files', nargs='+',
53 type=lambda *args: are_valid_files(parser,*args),
54 help='''configuration files as inputs,
55 separated by a space.
56 currently supported:
57 php.ini and web.config''')
58 parser.add_argument('-r', action='store_true', dest='recmode',
59 help='enable the recommendation mode')
60 parser.add_argument('-host', action='store',
61 type=lambda arg: is_valid_address(parser,arg),
62 dest='host', default="127.0.0.1",
63 help='to give the IP address of the conf file owner')
64 parser.add_argument('-port', action='store', type=int,
65 dest='port', default="80",
66 help='to give a associated port')
67 parser.add_argument('--xml', action='store', type=str, dest='xmloutput',
68 help='enabled the XML output in a specified file')
69 parser.add_argument('--version', "-v", action='version',
70 version='%(prog)s v1.0 by Morgan Lemarechal')
71 args = parser.parse_args()
72
73 print (basename("/a/b/c.txt"))
74 print ("""\033[0;33m
75 __ __
76 \ \ /\ / /__ ___ ___ __ _ _ __
77 \ \/ \/ / __/ __|/ __/ _` | '_ \
78 \ /\ / (__\__ \ (_| (_| | | | |
79 \/ \/ \___|___/\___\__,_|_| |_|
80 Version v1.0: November 2014
81 Morgan Lemarechal\033[0m""")
82
83 if args.xmloutput:
84 root = ET.Element("wcscan")
85 else:
86 scan = None
87
88 for file in args.files:
89 try:
90 print("\n[+]Perfoming the scan of \033[1;30m{}\033[0m...".format(file))
91
92 #------------------------------XML_Export------------------------------#
93 if args.xmloutput:
94 scan = ET.SubElement(root, "scan")
95 scan.set('file',basename(file))
96 scan.set('host',args.host)
97 scan.set('port',str(args.port))
98 #------------------------------XML_Export------------------------------#
99
100 if re.search("XML",subprocess.check_output("file {}".format(file),
101 shell=True,
102 stdin=subprocess.PIPE,
103 stderr=subprocess.PIPE)):
104 #------------------------------XML_Export------------------------------#
105 if args.xmloutput:
106 scan.set('type','webconfig')
107 #------------------------------XML_Export------------------------------#
108 webconfig.scanner(file,args.recmode,scan)
109
110 if re.search("\.ini$",file):
111 #------------------------------XML_Export------------------------------#
112 if args.xmloutput:
113 scan.set('type','phpini')
114 #------------------------------XML_Export------------------------------#
115 phpini.scanner(file,args.recmode,scan)
116
117 #------------------------------XML_Export------------------------------#
118 if args.xmloutput:
119 tree = ET.ElementTree(root)
120 try:
121 fo = open(args.xmloutput, "w")
122 tree.write(fo)
123 fo.close()
124 except IOError:
125 sys.exit('\033[0;41m[+]XML export failed.\033[0m')
126 #------------------------------XML_Export------------------------------#
127
128 except KeyboardInterrupt:
129 print("\n[+]Interrupting the checking of \033[1;30m{}\033[0m...".format(file))
130 # I'm Py3
+0
-4035
scripts/wcscans/DotNetConfig.xsd less more
0 <?xml version="1.0" encoding="us-ascii"?>
1 <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:vs="http://schemas.microsoft.com/Visual-Studio-Intellisense" elementFormDefault="qualified" attributeFormDefault="unqualified" vs:helpNamespace="http://schemas.microsoft.com/.NetConfiguration/v2.0">
2 <xs:element name="configuration">
3 <xs:complexType>
4 <xs:choice minOccurs="0" maxOccurs="unbounded">
5 <xs:any namespace="##any" processContents="lax" />
6 </xs:choice>
7 </xs:complexType>
8 </xs:element>
9 <xs:element name="location">
10 <xs:complexType>
11 <xs:choice>
12 <xs:any namespace="##any" processContents="lax" />
13 </xs:choice>
14 <xs:attribute name="path" type="xs:string" use="optional" />
15 <xs:attribute name="allowOverride" type="small_boolean_Type" use="optional" />
16 </xs:complexType>
17 </xs:element>
18 <xs:element name="configSections" type="configSections_type" />
19 <xs:complexType name="configSectionGroup_type">
20 <xs:choice>
21 <xs:group ref="configTypeDefinition" maxOccurs="unbounded" />
22 </xs:choice>
23 <xs:attribute name="name" type="xs:string" use="required" />
24 <xs:attribute name="type" type="xs:string" use="optional" />
25 </xs:complexType>
26 <xs:complexType name="configSections_type">
27 <xs:choice minOccurs="0" maxOccurs="unbounded">
28 <xs:group ref="configTypeDefinition" minOccurs="0" maxOccurs="unbounded" />
29 </xs:choice>
30 </xs:complexType>
31 <xs:group name="configTypeDefinition">
32 <xs:choice>
33 <xs:element name="section" type="configSection_section" minOccurs="0" maxOccurs="unbounded" />
34 <xs:element name="sectionGroup" type="configSectionGroup_type" minOccurs="0" maxOccurs="unbounded" />
35 </xs:choice>
36 </xs:group>
37 <xs:complexType name="configSection_section">
38 <xs:attribute name="name" type="xs:string" use="required" />
39 <xs:attribute name="type" type="xs:string" use="required" />
40 <xs:attribute name="requirePermission" type="boolean_Type" use="optional" />
41 <xs:attribute name="allowLocation" type="boolean_Type" use="optional" />
42 <xs:attribute name="allowOverride" type="boolean_Type" use="optional" />
43 <xs:attribute name="restartOnExternalChanges" type="boolean_Type" use="optional" />
44 <xs:attribute name="allowDefinition" use="optional">
45 <xs:simpleType>
46 <xs:restriction base="xs:string">
47 <xs:enumeration value="MachineToWebRoot" />
48 <xs:enumeration value="MachineToApplication" />
49 <xs:enumeration value="MachineOnly" />
50 <xs:enumeration value="Everywhere" />
51 </xs:restriction>
52 </xs:simpleType>
53 </xs:attribute>
54 <xs:attribute name="allowExeDefinition" use="optional">
55 <xs:simpleType>
56 <xs:restriction base="xs:string">
57 <xs:enumeration value="MachineOnly" />
58 <xs:enumeration value="MachineToApplication" />
59 <xs:enumeration value="MachineToLocalUser" />
60 <xs:enumeration value="MachineToRoamingUser" />
61 </xs:restriction>
62 </xs:simpleType>
63 </xs:attribute>
64 </xs:complexType>
65 <xs:simpleType name="Infinite_or_int">
66 <xs:union memberTypes="Infinite xs:int" />
67 </xs:simpleType>
68 <xs:simpleType name="Infinite">
69 <xs:restriction base="xs:string">
70 <xs:enumeration value="Infinite" />
71 </xs:restriction>
72 </xs:simpleType>
73 <xs:simpleType name="small_boolean_Type">
74 <xs:restriction base="xs:NMTOKEN">
75 <xs:enumeration value="false" />
76 <xs:enumeration value="true" />
77 </xs:restriction>
78 </xs:simpleType>
79 <xs:simpleType name="boolean_Type">
80 <xs:restriction base="xs:NMTOKEN">
81 <xs:enumeration value="false" />
82 <xs:enumeration value="true" />
83 <xs:enumeration value="True" />
84 <xs:enumeration value="False" />
85 </xs:restriction>
86 </xs:simpleType>
87 <xs:element name="appSettings" vs:help="configuration/appSettings">
88 <xs:complexType>
89 <xs:choice minOccurs="0" maxOccurs="unbounded">
90 <xs:element name="add" vs:help="configuration/appSettings/add">
91 <xs:complexType>
92 <xs:attribute name="key" type="xs:string" use="optional" />
93 <xs:attribute name="value" type="xs:string" use="optional" />
94 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
95 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
96 <xs:attribute name="lockElements" type="xs:string" use="optional" />
97 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
98 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
99 </xs:complexType>
100 </xs:element>
101 <xs:element name="remove" vs:help="configuration/appSettings/remove">
102 <xs:complexType>
103 <xs:attribute name="key" type="xs:string" use="optional" />
104 </xs:complexType>
105 </xs:element>
106 <xs:element name="clear" vs:help="configuration/appSettings/clear">
107 <xs:complexType>
108 <!--tag is empty-->
109 </xs:complexType>
110 </xs:element>
111 </xs:choice>
112 <xs:attribute name="file" type="xs:string" use="optional" />
113 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
114 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
115 <xs:attribute name="lockElements" type="xs:string" use="optional" />
116 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
117 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
118 <xs:attribute name="configSource" type="xs:string" use="optional" />
119 </xs:complexType>
120 </xs:element>
121 <xs:element name="assemblyBinding" vs:help="configuration/assemblyBinding" />
122 <xs:element name="configProtectedData" vs:help="configuration/configProtectedData">
123 <xs:complexType>
124 <xs:choice minOccurs="0" maxOccurs="unbounded">
125 <xs:element name="providers" vs:help="configuration/configProtectedData/providers">
126 <xs:complexType>
127 <xs:choice minOccurs="0" maxOccurs="unbounded">
128 <xs:element name="add" vs:help="configuration/configProtectedData/providers/add">
129 <xs:complexType>
130 <xs:attribute name="name" type="xs:string" use="required" />
131 <xs:attribute name="type" type="xs:string" use="required" />
132 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
133 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
134 <xs:attribute name="lockElements" type="xs:string" use="optional" />
135 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
136 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
137 </xs:complexType>
138 </xs:element>
139 <xs:element name="remove" vs:help="configuration/configProtectedData/providers/remove">
140 <xs:complexType>
141 <xs:attribute name="name" type="xs:string" use="required" />
142 </xs:complexType>
143 </xs:element>
144 <xs:element name="clear" vs:help="configuration/configProtectedData/providers/clear">
145 <xs:complexType>
146 <!--tag is empty-->
147 </xs:complexType>
148 </xs:element>
149 </xs:choice>
150 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
151 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
152 <xs:attribute name="lockElements" type="xs:string" use="optional" />
153 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
154 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
155 </xs:complexType>
156 </xs:element>
157 </xs:choice>
158 <xs:attribute name="defaultProvider" type="xs:string" use="optional" />
159 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
160 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
161 <xs:attribute name="lockElements" type="xs:string" use="optional" />
162 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
163 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
164 <xs:attribute name="configSource" type="xs:string" use="optional" />
165 </xs:complexType>
166 </xs:element>
167 <xs:element name="connectionStrings" vs:help="configuration/connectionStrings">
168 <xs:complexType>
169 <xs:choice minOccurs="0" maxOccurs="unbounded">
170 <xs:element name="add" vs:help="configuration/connectionStrings/add">
171 <xs:complexType>
172 <xs:attribute name="connectionString" type="xs:string" use="required" />
173 <xs:attribute name="name" type="xs:string" use="required" />
174 <xs:attribute name="providerName" type="xs:string" use="optional" />
175 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
176 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
177 <xs:attribute name="lockElements" type="xs:string" use="optional" />
178 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
179 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
180 </xs:complexType>
181 </xs:element>
182 <xs:element name="remove" vs:help="configuration/connectionStrings/remove">
183 <xs:complexType>
184 <xs:attribute name="name" type="xs:string" use="required" />
185 </xs:complexType>
186 </xs:element>
187 <xs:element name="clear" vs:help="configuration/connectionStrings/clear">
188 <xs:complexType>
189 <!--tag is empty-->
190 </xs:complexType>
191 </xs:element>
192 </xs:choice>
193 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
194 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
195 <xs:attribute name="lockElements" type="xs:string" use="optional" />
196 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
197 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
198 <xs:attribute name="configSource" type="xs:string" use="optional" />
199 </xs:complexType>
200 </xs:element>
201 <xs:element name="mscorlib" vs:help="configuration/mscorlib" />
202 <xs:element name="runtime" vs:help="configuration/runtime">
203 <xs:complexType>
204 <xs:choice minOccurs="0" maxOccurs="unbounded">
205 <xs:any namespace="##any" processContents="skip" />
206 </xs:choice>
207 <xs:anyAttribute processContents="skip" />
208 </xs:complexType>
209 </xs:element>
210 <xs:element name="satelliteassemblies" vs:help="configuration/satelliteassemblies" />
211 <xs:element name="startup" vs:help="configuration/startup" />
212 <xs:element name="system.codedom" vs:help="configuration/system.codedom" />
213 <xs:element name="system.data" vs:help="configuration/system.data">
214 <xs:complexType>
215 <xs:choice minOccurs="0" maxOccurs="unbounded">
216 <xs:any namespace="##any" processContents="skip" />
217 </xs:choice>
218 </xs:complexType>
219 </xs:element>
220 <xs:element name="system.data.dataset" vs:help="configuration/system.data.dataset" />
221 <xs:element name="system.data.odbc" vs:help="configuration/system.data.odbc" />
222 <xs:element name="system.data.oledb" vs:help="configuration/system.data.oledb" />
223 <xs:element name="system.data.oracleclient" vs:help="configuration/system.data.oracleclient" />
224 <xs:element name="system.data.sqlclient" vs:help="configuration/system.data.sqlclient" />
225 <xs:element name="system.diagnostics" vs:help="configuration/system.diagnostics">
226 <xs:complexType>
227 <xs:choice minOccurs="0" maxOccurs="unbounded">
228 <xs:element name="assert" vs:help="configuration/system.diagnostics/assert">
229 <xs:complexType>
230 <xs:attribute name="assertuienabled" type="small_boolean_Type" use="optional" />
231 <xs:attribute name="logfilename" type="xs:string" use="optional" />
232 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
233 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
234 <xs:attribute name="lockElements" type="xs:string" use="optional" />
235 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
236 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
237 </xs:complexType>
238 </xs:element>
239 <xs:element name="performanceCounters" vs:help="configuration/system.diagnostics/performanceCounters">
240 <xs:complexType>
241 <xs:attribute name="filemappingsize" type="xs:int" use="optional" />
242 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
243 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
244 <xs:attribute name="lockElements" type="xs:string" use="optional" />
245 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
246 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
247 </xs:complexType>
248 </xs:element>
249 <xs:element name="sharedListeners" vs:help="configuration/system.diagnostics/sharedListeners">
250 <xs:complexType>
251 <xs:choice minOccurs="0" maxOccurs="unbounded">
252 <xs:element name="add" vs:help="configuration/system.diagnostics/sharedListeners/add">
253 <xs:complexType>
254 <xs:choice minOccurs="0" maxOccurs="unbounded">
255 <xs:element name="filter" vs:help="configuration/system.diagnostics/sharedListeners/ListenerElement/filter">
256 <xs:complexType>
257 <xs:attribute name="initializeData" type="xs:string" use="optional" />
258 <xs:attribute name="type" type="xs:string" use="required" />
259 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
260 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
261 <xs:attribute name="lockElements" type="xs:string" use="optional" />
262 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
263 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
264 </xs:complexType>
265 </xs:element>
266 </xs:choice>
267 <xs:attribute name="name" type="xs:string" use="required" />
268 <xs:attribute name="traceOutputOptions" use="optional">
269 <xs:simpleType>
270 <xs:restriction base="xs:NMTOKEN">
271 <xs:enumeration value="Callstack" />
272 <xs:enumeration value="DateTime" />
273 <xs:enumeration value="LogicalOperationStack" />
274 <xs:enumeration value="None" />
275 <xs:enumeration value="ProcessId" />
276 <xs:enumeration value="ThreadId" />
277 <xs:enumeration value="Timestamp" />
278 </xs:restriction>
279 </xs:simpleType>
280 </xs:attribute>
281 <xs:attribute name="initializeData" type="xs:string" use="optional" />
282 <xs:attribute name="type" type="xs:string" use="optional" />
283 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
284 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
285 <xs:attribute name="lockElements" type="xs:string" use="optional" />
286 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
287 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
288 </xs:complexType>
289 </xs:element>
290 <xs:element name="remove" vs:help="configuration/system.diagnostics/sharedListeners/remove">
291 <xs:complexType>
292 <xs:choice minOccurs="0" maxOccurs="unbounded">
293 <xs:element name="filter" vs:help="configuration/system.diagnostics/sharedListeners/ListenerElement/filter">
294 <xs:complexType>
295 <xs:attribute name="initializeData" type="xs:string" use="optional" />
296 <xs:attribute name="type" type="xs:string" use="required" />
297 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
298 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
299 <xs:attribute name="lockElements" type="xs:string" use="optional" />
300 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
301 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
302 </xs:complexType>
303 </xs:element>
304 </xs:choice>
305 <xs:attribute name="name" type="xs:string" use="required" />
306 </xs:complexType>
307 </xs:element>
308 </xs:choice>
309 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
310 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
311 <xs:attribute name="lockElements" type="xs:string" use="optional" />
312 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
313 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
314 </xs:complexType>
315 </xs:element>
316 <xs:element name="sources" vs:help="configuration/system.diagnostics/sources">
317 <xs:complexType>
318 <xs:choice minOccurs="0" maxOccurs="unbounded">
319 <xs:element name="source" vs:help="configuration/system.diagnostics/sources/source">
320 <xs:complexType>
321 <xs:choice minOccurs="0" maxOccurs="unbounded">
322 <xs:element name="listeners" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners">
323 <xs:complexType>
324 <xs:choice minOccurs="0" maxOccurs="unbounded">
325 <xs:element name="add" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/add">
326 <xs:complexType>
327 <xs:choice minOccurs="0" maxOccurs="unbounded">
328 <xs:element name="filter" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/ListenerElement/filter">
329 <xs:complexType>
330 <xs:attribute name="initializeData" type="xs:string" use="optional" />
331 <xs:attribute name="type" type="xs:string" use="required" />
332 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
333 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
334 <xs:attribute name="lockElements" type="xs:string" use="optional" />
335 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
336 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
337 </xs:complexType>
338 </xs:element>
339 </xs:choice>
340 <xs:attribute name="name" type="xs:string" use="required" />
341 <xs:attribute name="traceOutputOptions" use="optional">
342 <xs:simpleType>
343 <xs:restriction base="xs:NMTOKEN">
344 <xs:enumeration value="Callstack" />
345 <xs:enumeration value="DateTime" />
346 <xs:enumeration value="LogicalOperationStack" />
347 <xs:enumeration value="None" />
348 <xs:enumeration value="ProcessId" />
349 <xs:enumeration value="ThreadId" />
350 <xs:enumeration value="Timestamp" />
351 </xs:restriction>
352 </xs:simpleType>
353 </xs:attribute>
354 <xs:attribute name="initializeData" type="xs:string" use="optional" />
355 <xs:attribute name="type" type="xs:string" use="optional" />
356 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
357 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
358 <xs:attribute name="lockElements" type="xs:string" use="optional" />
359 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
360 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
361 </xs:complexType>
362 </xs:element>
363 <xs:element name="remove" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/remove">
364 <xs:complexType>
365 <xs:choice minOccurs="0" maxOccurs="unbounded">
366 <xs:element name="filter" vs:help="configuration/system.diagnostics/sources/SourceElement/listeners/ListenerElement/filter">
367 <xs:complexType>
368 <xs:attribute name="initializeData" type="xs:string" use="optional" />
369 <xs:attribute name="type" type="xs:string" use="optional" />
370 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
371 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
372 <xs:attribute name="lockElements" type="xs:string" use="optional" />
373 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
374 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
375 </xs:complexType>
376 </xs:element>
377 </xs:choice>
378 <xs:attribute name="name" type="xs:string" use="required" />
379 </xs:complexType>
380 </xs:element>
381 </xs:choice>
382 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
383 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
384 <xs:attribute name="lockElements" type="xs:string" use="optional" />
385 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
386 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
387 </xs:complexType>
388 </xs:element>
389 </xs:choice>
390 <xs:attribute name="name" type="xs:string" use="required" />
391 <xs:attribute name="switchName" type="xs:string" use="optional" />
392 <xs:attribute name="switchType" type="xs:string" use="optional" />
393 <xs:attribute name="switchValue" type="xs:string" use="optional" />
394 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
395 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
396 <xs:attribute name="lockElements" type="xs:string" use="optional" />
397 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
398 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
399 </xs:complexType>
400 </xs:element>
401 </xs:choice>
402 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
403 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
404 <xs:attribute name="lockElements" type="xs:string" use="optional" />
405 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
406 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
407 </xs:complexType>
408 </xs:element>
409 <xs:element name="switches" vs:help="configuration/system.diagnostics/switches">
410 <xs:complexType>
411 <xs:choice minOccurs="0" maxOccurs="unbounded">
412 <xs:element name="add" vs:help="configuration/system.diagnostics/switches/add">
413 <xs:complexType>
414 <xs:attribute name="name" type="xs:string" use="required" />
415 <xs:attribute name="value" type="xs:string" use="required" />
416 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
417 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
418 <xs:attribute name="lockElements" type="xs:string" use="optional" />
419 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
420 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
421 </xs:complexType>
422 </xs:element>
423 <xs:element name="remove" vs:help="configuration/system.diagnostics/switches/remove">
424 <xs:complexType>
425 <xs:attribute name="name" type="xs:string" use="required" />
426 </xs:complexType>
427 </xs:element>
428 <xs:element name="clear" vs:help="configuration/system.diagnostics/switches/clear">
429 <xs:complexType>
430 <!--tag is empty-->
431 </xs:complexType>
432 </xs:element>
433 </xs:choice>
434 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
435 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
436 <xs:attribute name="lockElements" type="xs:string" use="optional" />
437 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
438 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
439 </xs:complexType>
440 </xs:element>
441 <xs:element name="trace" vs:help="configuration/system.diagnostics/trace">
442 <xs:complexType>
443 <xs:choice minOccurs="0" maxOccurs="unbounded">
444 <xs:element name="listeners" vs:help="configuration/system.diagnostics/trace/listeners">
445 <xs:complexType>
446 <xs:choice minOccurs="0" maxOccurs="unbounded">
447 <xs:element name="add" vs:help="configuration/system.diagnostics/trace/listeners/add">
448 <xs:complexType>
449 <xs:choice minOccurs="0" maxOccurs="unbounded">
450 <xs:element name="filter" vs:help="configuration/system.diagnostics/trace/listeners/ListenerElement/filter">
451 <xs:complexType>
452 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
453 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
454 <xs:attribute name="lockElements" type="xs:string" use="optional" />
455 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
456 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
457 </xs:complexType>
458 </xs:element>
459 </xs:choice>
460 <xs:attribute name="name" type="xs:string" use="required" />
461 <xs:attribute name="traceOutputOptions" use="optional">
462 <xs:simpleType>
463 <xs:restriction base="xs:NMTOKEN">
464 <xs:enumeration value="Callstack" />
465 <xs:enumeration value="DateTime" />
466 <xs:enumeration value="LogicalOperationStack" />
467 <xs:enumeration value="None" />
468 <xs:enumeration value="ProcessId" />
469 <xs:enumeration value="ThreadId" />
470 <xs:enumeration value="Timestamp" />
471 </xs:restriction>
472 </xs:simpleType>
473 </xs:attribute>
474 <xs:attribute name="initializeData" type="xs:string" use="optional" />
475 <xs:attribute name="type" type="xs:string" use="optional" />
476 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
477 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
478 <xs:attribute name="lockElements" type="xs:string" use="optional" />
479 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
480 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
481 </xs:complexType>
482 </xs:element>
483 <xs:element name="remove" vs:help="configuration/system.diagnostics/trace/listeners/remove">
484 <xs:complexType>
485 <xs:choice minOccurs="0" maxOccurs="unbounded">
486 <xs:element name="filter" vs:help="configuration/system.diagnostics/trace/listeners/ListenerElement/filter">
487 <xs:complexType>
488 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
489 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
490 <xs:attribute name="lockElements" type="xs:string" use="optional" />
491 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
492 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
493 </xs:complexType>
494 </xs:element>
495 </xs:choice>
496 <xs:attribute name="name" type="xs:string" use="required" />
497 </xs:complexType>
498 </xs:element>
499 <xs:element name="clear" vs:help="configuration/system.diagnostics/trace/listeners/clear">
500 <xs:complexType>
501 <!--tag is empty-->
502 </xs:complexType>
503 </xs:element>
504 </xs:choice>
505 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
506 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
507 <xs:attribute name="lockElements" type="xs:string" use="optional" />
508 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
509 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
510 </xs:complexType>
511 </xs:element>
512 </xs:choice>
513 <xs:attribute name="autoflush" type="small_boolean_Type" use="optional" />
514 <xs:attribute name="indentsize" type="xs:int" use="optional" />
515 <xs:attribute name="useGlobalLock" type="small_boolean_Type" use="optional" />
516 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
517 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
518 <xs:attribute name="lockElements" type="xs:string" use="optional" />
519 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
520 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
521 </xs:complexType>
522 </xs:element>
523 </xs:choice>
524 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
525 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
526 <xs:attribute name="lockElements" type="xs:string" use="optional" />
527 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
528 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
529 <xs:attribute name="configSource" type="xs:string" use="optional" />
530 </xs:complexType>
531 </xs:element>
532 <xs:element name="system.runtime.remoting" vs:help="configuration/system.runtime.remoting" />
533 <xs:element name="system.webServer" vs:help="configuration/system.webServer" />
534 <xs:element name="system.windows.forms" vs:help="configuration/system.windows.forms">
535 <xs:complexType>
536 <xs:attribute name="jitDebugging" type="small_boolean_Type" use="optional" />
537 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
538 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
539 <xs:attribute name="lockElements" type="xs:string" use="optional" />
540 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
541 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
542 <xs:attribute name="configSource" type="xs:string" use="optional" />
543 </xs:complexType>
544 </xs:element>
545 <xs:element name="windows" vs:help="configuration/windows" />
546 <xs:element name="system.net" vs:help="configuration/system.net">
547 <xs:complexType>
548 <xs:choice minOccurs="0" maxOccurs="unbounded">
549 <xs:element name="authenticationModules" vs:help="configuration/system.net/authenticationModules">
550 <xs:complexType>
551 <xs:choice minOccurs="0" maxOccurs="unbounded">
552 <xs:element name="add" vs:help="configuration/system.net/authenticationModules/add">
553 <xs:complexType>
554 <xs:attribute name="type" type="xs:string" use="required" />
555 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
556 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
557 <xs:attribute name="lockElements" type="xs:string" use="optional" />
558 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
559 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
560 </xs:complexType>
561 </xs:element>
562 <xs:element name="remove" vs:help="configuration/system.net/authenticationModules/remove">
563 <xs:complexType>
564 <xs:attribute name="type" type="xs:string" use="required" />
565 </xs:complexType>
566 </xs:element>
567 <xs:element name="clear" vs:help="configuration/system.net/authenticationModules/clear">
568 <xs:complexType>
569 <!--tag is empty-->
570 </xs:complexType>
571 </xs:element>
572 </xs:choice>
573 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
574 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
575 <xs:attribute name="lockElements" type="xs:string" use="optional" />
576 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
577 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
578 <xs:attribute name="configSource" type="xs:string" use="optional" />
579 </xs:complexType>
580 </xs:element>
581 <xs:element name="connectionManagement" vs:help="configuration/system.net/connectionManagement">
582 <xs:complexType>
583 <xs:choice minOccurs="0" maxOccurs="unbounded">
584 <xs:element name="add" vs:help="configuration/system.net/connectionManagement/add">
585 <xs:complexType>
586 <xs:attribute name="address" type="xs:string" use="required" />
587 <xs:attribute name="maxconnection" type="xs:int" use="required" />
588 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
589 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
590 <xs:attribute name="lockElements" type="xs:string" use="optional" />
591 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
592 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
593 </xs:complexType>
594 </xs:element>
595 <xs:element name="remove" vs:help="configuration/system.net/connectionManagement/remove">
596 <xs:complexType>
597 <xs:attribute name="address" type="xs:string" use="required" />
598 </xs:complexType>
599 </xs:element>
600 <xs:element name="clear" vs:help="configuration/system.net/connectionManagement/clear">
601 <xs:complexType>
602 <!--tag is empty-->
603 </xs:complexType>
604 </xs:element>
605 </xs:choice>
606 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
607 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
608 <xs:attribute name="lockElements" type="xs:string" use="optional" />
609 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
610 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
611 <xs:attribute name="configSource" type="xs:string" use="optional" />
612 </xs:complexType>
613 </xs:element>
614 <xs:element name="defaultProxy" vs:help="configuration/system.net/defaultProxy">
615 <xs:complexType>
616 <xs:choice minOccurs="0" maxOccurs="unbounded">
617 <xs:element name="bypasslist" vs:help="configuration/system.net/defaultProxy/bypasslist">
618 <xs:complexType>
619 <xs:choice minOccurs="0" maxOccurs="unbounded">
620 <xs:element name="add" vs:help="configuration/system.net/defaultProxy/bypasslist/add">
621 <xs:complexType>
622 <xs:attribute name="address" type="xs:string" use="required" />
623 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
624 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
625 <xs:attribute name="lockElements" type="xs:string" use="optional" />
626 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
627 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
628 </xs:complexType>
629 </xs:element>
630 <xs:element name="remove" vs:help="configuration/system.net/defaultProxy/bypasslist/remove">
631 <xs:complexType>
632 <xs:attribute name="address" type="xs:string" use="required" />
633 </xs:complexType>
634 </xs:element>
635 <xs:element name="clear" vs:help="configuration/system.net/defaultProxy/bypasslist/clear">
636 <xs:complexType>
637 <!--tag is empty-->
638 </xs:complexType>
639 </xs:element>
640 </xs:choice>
641 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
642 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
643 <xs:attribute name="lockElements" type="xs:string" use="optional" />
644 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
645 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
646 </xs:complexType>
647 </xs:element>
648 <xs:element name="module" vs:help="configuration/system.net/defaultProxy/module">
649 <xs:complexType>
650 <xs:attribute name="type" type="xs:string" use="optional" />
651 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
652 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
653 <xs:attribute name="lockElements" type="xs:string" use="optional" />
654 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
655 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
656 </xs:complexType>
657 </xs:element>
658 <xs:element name="proxy" vs:help="configuration/system.net/defaultProxy/proxy">
659 <xs:complexType>
660 <xs:attribute name="autoDetect" use="optional">
661 <xs:simpleType>
662 <xs:restriction base="xs:NMTOKEN">
663 <xs:enumeration value="False" />
664 <xs:enumeration value="True" />
665 <xs:enumeration value="Unspecified" />
666 </xs:restriction>
667 </xs:simpleType>
668 </xs:attribute>
669 <xs:attribute name="bypassonlocal" use="optional">
670 <xs:simpleType>
671 <xs:restriction base="xs:NMTOKEN">
672 <xs:enumeration value="False" />
673 <xs:enumeration value="True" />
674 <xs:enumeration value="Unspecified" />
675 </xs:restriction>
676 </xs:simpleType>
677 </xs:attribute>
678 <xs:attribute name="proxyaddress" type="xs:string" use="optional" />
679 <xs:attribute name="scriptLocation" type="xs:string" use="optional" />
680 <xs:attribute name="usesystemdefault" use="optional">
681 <xs:simpleType>
682 <xs:restriction base="xs:NMTOKEN">
683 <xs:enumeration value="False" />
684 <xs:enumeration value="True" />
685 <xs:enumeration value="Unspecified" />
686 </xs:restriction>
687 </xs:simpleType>
688 </xs:attribute>
689 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
690 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
691 <xs:attribute name="lockElements" type="xs:string" use="optional" />
692 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
693 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
694 </xs:complexType>
695 </xs:element>
696 </xs:choice>
697 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
698 <xs:attribute name="useDefaultCredentials" type="small_boolean_Type" use="optional" />
699 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
700 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
701 <xs:attribute name="lockElements" type="xs:string" use="optional" />
702 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
703 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
704 <xs:attribute name="configSource" type="xs:string" use="optional" />
705 </xs:complexType>
706 </xs:element>
707 <xs:element name="requestCaching" vs:help="configuration/system.net/requestCaching">
708 <xs:complexType>
709 <xs:choice minOccurs="0" maxOccurs="unbounded">
710 <xs:element name="defaultFtpCachePolicy" vs:help="configuration/system.net/requestCaching/defaultFtpCachePolicy">
711 <xs:complexType>
712 <xs:attribute name="policyLevel" use="optional">
713 <xs:simpleType>
714 <xs:restriction base="xs:NMTOKEN">
715 <xs:enumeration value="BypassCache" />
716 <xs:enumeration value="CacheIfAvailable" />
717 <xs:enumeration value="CacheOnly" />
718 <xs:enumeration value="Default" />
719 <xs:enumeration value="NoCacheNoStore" />
720 <xs:enumeration value="Reload" />
721 <xs:enumeration value="Revalidate" />
722 </xs:restriction>
723 </xs:simpleType>
724 </xs:attribute>
725 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
726 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
727 <xs:attribute name="lockElements" type="xs:string" use="optional" />
728 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
729 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
730 </xs:complexType>
731 </xs:element>
732 <xs:element name="defaultHttpCachePolicy" vs:help="configuration/system.net/requestCaching/defaultHttpCachePolicy">
733 <xs:complexType>
734 <xs:attribute name="maximumAge" type="xs:string" use="optional" />
735 <xs:attribute name="maximumStale" type="xs:string" use="optional" />
736 <xs:attribute name="minimumFresh" type="xs:string" use="optional" />
737 <xs:attribute name="policyLevel" use="required">
738 <xs:simpleType>
739 <xs:restriction base="xs:NMTOKEN">
740 <xs:enumeration value="BypassCache" />
741 <xs:enumeration value="CacheIfAvailable" />
742 <xs:enumeration value="CacheOnly" />
743 <xs:enumeration value="CacheOrNextCacheOnly" />
744 <xs:enumeration value="Default" />
745 <xs:enumeration value="NoCacheNoStore" />
746 <xs:enumeration value="Refresh" />
747 <xs:enumeration value="Reload" />
748 <xs:enumeration value="Revalidate" />
749 </xs:restriction>
750 </xs:simpleType>
751 </xs:attribute>
752 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
753 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
754 <xs:attribute name="lockElements" type="xs:string" use="optional" />
755 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
756 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
757 </xs:complexType>
758 </xs:element>
759 </xs:choice>
760 <xs:attribute name="defaultPolicyLevel" use="optional">
761 <xs:simpleType>
762 <xs:restriction base="xs:NMTOKEN">
763 <xs:enumeration value="BypassCache" />
764 <xs:enumeration value="CacheIfAvailable" />
765 <xs:enumeration value="CacheOnly" />
766 <xs:enumeration value="Default" />
767 <xs:enumeration value="NoCacheNoStore" />
768 <xs:enumeration value="Reload" />
769 <xs:enumeration value="Revalidate" />
770 </xs:restriction>
771 </xs:simpleType>
772 </xs:attribute>
773 <xs:attribute name="disableAllCaching" type="small_boolean_Type" use="optional" />
774 <xs:attribute name="isPrivateCache" type="small_boolean_Type" use="optional" />
775 <xs:attribute name="unspecifiedMaximumAge" type="xs:string" use="optional" />
776 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
777 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
778 <xs:attribute name="lockElements" type="xs:string" use="optional" />
779 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
780 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
781 <xs:attribute name="configSource" type="xs:string" use="optional" />
782 </xs:complexType>
783 </xs:element>
784 <xs:element name="settings" vs:help="configuration/system.net/settings">
785 <xs:complexType>
786 <xs:choice minOccurs="0" maxOccurs="unbounded">
787 <xs:element name="httpWebRequest" vs:help="configuration/system.net/settings/httpWebRequest">
788 <xs:complexType>
789 <xs:attribute name="maximumErrorResponseLength" type="xs:int" use="optional" />
790 <xs:attribute name="maximumResponseHeadersLength" type="xs:int" use="optional" />
791 <xs:attribute name="maximumUnauthorizedUploadLength" type="xs:int" use="optional" />
792 <xs:attribute name="useUnsafeHeaderParsing" type="small_boolean_Type" use="optional" />
793 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
794 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
795 <xs:attribute name="lockElements" type="xs:string" use="optional" />
796 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
797 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
798 </xs:complexType>
799 </xs:element>
800 <xs:element name="ipv6" vs:help="configuration/system.net/settings/ipv6">
801 <xs:complexType>
802 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
803 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
804 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
805 <xs:attribute name="lockElements" type="xs:string" use="optional" />
806 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
807 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
808 </xs:complexType>
809 </xs:element>
810 <xs:element name="performanceCounters" vs:help="configuration/system.net/settings/performanceCounters">
811 <xs:complexType>
812 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
813 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
814 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
815 <xs:attribute name="lockElements" type="xs:string" use="optional" />
816 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
817 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
818 </xs:complexType>
819 </xs:element>
820 <xs:element name="servicePointManager" vs:help="configuration/system.net/settings/servicePointManager">
821 <xs:complexType>
822 <xs:attribute name="checkCertificateName" type="small_boolean_Type" use="optional" />
823 <xs:attribute name="checkCertificateRevocationList" type="small_boolean_Type" use="optional" />
824 <xs:attribute name="dnsRefreshTimeout" type="xs:int" use="optional" />
825 <xs:attribute name="enableDnsRoundRobin" type="small_boolean_Type" use="optional" />
826 <xs:attribute name="expect100Continue" type="small_boolean_Type" use="optional" />
827 <xs:attribute name="useNagleAlgorithm" type="small_boolean_Type" use="optional" />
828 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
829 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
830 <xs:attribute name="lockElements" type="xs:string" use="optional" />
831 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
832 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
833 </xs:complexType>
834 </xs:element>
835 <xs:element name="socket" vs:help="configuration/system.net/settings/socket">
836 <xs:complexType>
837 <xs:attribute name="alwaysUseCompletionPortsForAccept" type="small_boolean_Type" use="optional" />
838 <xs:attribute name="alwaysUseCompletionPortsForConnect" type="small_boolean_Type" use="optional" />
839 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
840 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
841 <xs:attribute name="lockElements" type="xs:string" use="optional" />
842 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
843 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
844 </xs:complexType>
845 </xs:element>
846 <xs:element name="webProxyScript" vs:help="configuration/system.net/settings/webProxyScript">
847 <xs:complexType>
848 <xs:attribute name="downloadTimeout" type="xs:string" use="optional" />
849 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
850 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
851 <xs:attribute name="lockElements" type="xs:string" use="optional" />
852 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
853 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
854 </xs:complexType>
855 </xs:element>
856 </xs:choice>
857 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
858 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
859 <xs:attribute name="lockElements" type="xs:string" use="optional" />
860 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
861 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
862 <xs:attribute name="configSource" type="xs:string" use="optional" />
863 </xs:complexType>
864 </xs:element>
865 <xs:element name="webRequestModules" vs:help="configuration/system.net/webRequestModules">
866 <xs:complexType>
867 <xs:choice minOccurs="0" maxOccurs="unbounded">
868 <xs:element name="add" vs:help="configuration/system.net/webRequestModules/add">
869 <xs:complexType>
870 <xs:attribute name="prefix" type="xs:string" use="required" />
871 <xs:attribute name="type" type="xs:string" use="optional" />
872 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
873 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
874 <xs:attribute name="lockElements" type="xs:string" use="optional" />
875 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
876 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
877 </xs:complexType>
878 </xs:element>
879 <xs:element name="remove" vs:help="configuration/system.net/webRequestModules/remove">
880 <xs:complexType>
881 <xs:attribute name="prefix" type="xs:string" use="required" />
882 </xs:complexType>
883 </xs:element>
884 <xs:element name="clear" vs:help="configuration/system.net/webRequestModules/clear">
885 <xs:complexType>
886 <!--tag is empty-->
887 </xs:complexType>
888 </xs:element>
889 </xs:choice>
890 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
891 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
892 <xs:attribute name="lockElements" type="xs:string" use="optional" />
893 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
894 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
895 <xs:attribute name="configSource" type="xs:string" use="optional" />
896 </xs:complexType>
897 </xs:element>
898 <xs:element name="mailSettings" vs:help="configuration/system.net/mailSettings">
899 <xs:complexType>
900 <xs:choice minOccurs="0" maxOccurs="unbounded">
901 <xs:element name="smtp" vs:help="configuration/system.net/mailSettings/smtp">
902 <xs:complexType>
903 <xs:choice minOccurs="0" maxOccurs="unbounded">
904 <xs:element name="network" vs:help="configuration/system.net/mailSettings/smtp/network">
905 <xs:complexType>
906 <xs:attribute name="defaultCredentials" type="small_boolean_Type" use="optional" />
907 <xs:attribute name="host" type="xs:string" use="optional" />
908 <xs:attribute name="password" type="xs:string" use="optional" />
909 <xs:attribute name="port" type="xs:int" use="optional" />
910 <xs:attribute name="userName" type="xs:string" use="optional" />
911 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
912 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
913 <xs:attribute name="lockElements" type="xs:string" use="optional" />
914 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
915 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
916 </xs:complexType>
917 </xs:element>
918 <xs:element name="specifiedPickupDirectory" vs:help="configuration/system.net/mailSettings/smtp/specifiedPickupDirectory">
919 <xs:complexType>
920 <xs:attribute name="pickupDirectoryLocation" type="xs:string" use="optional" />
921 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
922 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
923 <xs:attribute name="lockElements" type="xs:string" use="optional" />
924 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
925 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
926 </xs:complexType>
927 </xs:element>
928 </xs:choice>
929 <xs:attribute name="deliveryMethod" use="optional">
930 <xs:simpleType>
931 <xs:restriction base="xs:NMTOKEN">
932 <xs:enumeration value="Network" />
933 <xs:enumeration value="PickupDirectoryFromIis" />
934 <xs:enumeration value="SpecifiedPickupDirectory" />
935 </xs:restriction>
936 </xs:simpleType>
937 </xs:attribute>
938 <xs:attribute name="from" type="xs:string" use="optional" />
939 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
940 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
941 <xs:attribute name="lockElements" type="xs:string" use="optional" />
942 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
943 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
944 <xs:attribute name="configSource" type="xs:string" use="optional" />
945 </xs:complexType>
946 </xs:element>
947 </xs:choice>
948 </xs:complexType>
949 </xs:element>
950 </xs:choice>
951 </xs:complexType>
952 </xs:element>
953 <xs:element name="system.transactions" vs:help="configuration/system.transactions">
954 <xs:complexType>
955 <xs:choice minOccurs="0" maxOccurs="unbounded">
956 <xs:element name="defaultSettings" vs:help="configuration/system.transactions/defaultSettings">
957 <xs:complexType>
958 <xs:attribute name="distributedTransactionManagerName" type="xs:string" use="optional" />
959 <xs:attribute name="timeout" use="optional">
960 <xs:simpleType>
961 <xs:restriction base="xs:string">
962 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
963 </xs:restriction>
964 </xs:simpleType>
965 </xs:attribute>
966 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
967 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
968 <xs:attribute name="lockElements" type="xs:string" use="optional" />
969 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
970 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
971 <xs:attribute name="configSource" type="xs:string" use="optional" />
972 </xs:complexType>
973 </xs:element>
974 <xs:element name="machineSettings" vs:help="configuration/system.transactions/machineSettings">
975 <xs:complexType>
976 <xs:attribute name="maxTimeout" use="optional">
977 <xs:simpleType>
978 <xs:restriction base="xs:string">
979 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
980 </xs:restriction>
981 </xs:simpleType>
982 </xs:attribute>
983 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
984 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
985 <xs:attribute name="lockElements" type="xs:string" use="optional" />
986 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
987 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
988 <xs:attribute name="configSource" type="xs:string" use="optional" />
989 </xs:complexType>
990 </xs:element>
991 </xs:choice>
992 </xs:complexType>
993 </xs:element>
994 <xs:element name="system.web" vs:help="configuration/system.web">
995 <xs:complexType>
996 <xs:choice minOccurs="0" maxOccurs="unbounded">
997 <xs:element name="anonymousIdentification" vs:help="configuration/system.web/anonymousIdentification">
998 <xs:complexType>
999 <xs:attribute name="cookieless" use="optional">
1000 <xs:simpleType>
1001 <xs:restriction base="xs:NMTOKEN">
1002 <xs:enumeration value="AutoDetect" />
1003 <xs:enumeration value="UseCookies" />
1004 <xs:enumeration value="UseDeviceProfile" />
1005 <xs:enumeration value="UseUri" />
1006 </xs:restriction>
1007 </xs:simpleType>
1008 </xs:attribute>
1009 <xs:attribute name="cookieName" use="optional">
1010 <xs:simpleType>
1011 <xs:restriction base="xs:string">
1012 <xs:minLength value="1" />
1013 </xs:restriction>
1014 </xs:simpleType>
1015 </xs:attribute>
1016 <xs:attribute name="cookiePath" use="optional">
1017 <xs:simpleType>
1018 <xs:restriction base="xs:string">
1019 <xs:minLength value="1" />
1020 </xs:restriction>
1021 </xs:simpleType>
1022 </xs:attribute>
1023 <xs:attribute name="cookieProtection" use="optional">
1024 <xs:simpleType>
1025 <xs:restriction base="xs:NMTOKEN">
1026 <xs:enumeration value="All" />
1027 <xs:enumeration value="Encryption" />
1028 <xs:enumeration value="None" />
1029 <xs:enumeration value="Validation" />
1030 </xs:restriction>
1031 </xs:simpleType>
1032 </xs:attribute>
1033 <xs:attribute name="cookieRequireSSL" type="small_boolean_Type" use="optional" />
1034 <xs:attribute name="cookieSlidingExpiration" type="small_boolean_Type" use="optional" />
1035 <xs:attribute name="cookieTimeout" use="optional">
1036 <xs:simpleType>
1037 <xs:restriction base="xs:string">
1038 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1039 </xs:restriction>
1040 </xs:simpleType>
1041 </xs:attribute>
1042 <xs:attribute name="domain" type="xs:string" use="optional" />
1043 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
1044 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1045 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1046 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1047 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1048 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1049 <xs:attribute name="configSource" type="xs:string" use="optional" />
1050 </xs:complexType>
1051 </xs:element>
1052 <xs:element name="authentication" vs:help="configuration/system.web/authentication">
1053 <xs:complexType>
1054 <xs:choice minOccurs="0" maxOccurs="unbounded">
1055 <xs:element name="forms" vs:help="configuration/system.web/authentication/forms">
1056 <xs:complexType>
1057 <xs:choice minOccurs="0" maxOccurs="unbounded">
1058 <xs:element name="credentials" vs:help="configuration/system.web/authentication/forms/credentials">
1059 <xs:complexType>
1060 <xs:choice minOccurs="0" maxOccurs="unbounded">
1061 <xs:element name="user" vs:help="configuration/system.web/authentication/forms/credentials/user">
1062 <xs:complexType>
1063 <xs:attribute name="name" use="required">
1064 <xs:simpleType>
1065 <xs:restriction base="xs:string">
1066 <xs:minLength value="0" />
1067 </xs:restriction>
1068 </xs:simpleType>
1069 </xs:attribute>
1070 <xs:attribute name="password" use="required">
1071 <xs:simpleType>
1072 <xs:restriction base="xs:string">
1073 <xs:minLength value="0" />
1074 </xs:restriction>
1075 </xs:simpleType>
1076 </xs:attribute>
1077 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1078 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1079 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1080 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1081 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1082 </xs:complexType>
1083 </xs:element>
1084 </xs:choice>
1085 <xs:attribute name="passwordFormat" use="optional">
1086 <xs:simpleType>
1087 <xs:restriction base="xs:NMTOKEN">
1088 <xs:enumeration value="Clear" />
1089 <xs:enumeration value="MD5" />
1090 <xs:enumeration value="SHA1" />
1091 </xs:restriction>
1092 </xs:simpleType>
1093 </xs:attribute>
1094 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1095 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1096 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1097 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1098 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1099 </xs:complexType>
1100 </xs:element>
1101 </xs:choice>
1102 <xs:attribute name="cookieless" use="optional">
1103 <xs:simpleType>
1104 <xs:restriction base="xs:NMTOKEN">
1105 <xs:enumeration value="AutoDetect" />
1106 <xs:enumeration value="UseCookies" />
1107 <xs:enumeration value="UseDeviceProfile" />
1108 <xs:enumeration value="UseUri" />
1109 </xs:restriction>
1110 </xs:simpleType>
1111 </xs:attribute>
1112 <xs:attribute name="defaultUrl" use="optional">
1113 <xs:simpleType>
1114 <xs:restriction base="xs:string">
1115 <xs:minLength value="1" />
1116 </xs:restriction>
1117 </xs:simpleType>
1118 </xs:attribute>
1119 <xs:attribute name="domain" type="xs:string" use="optional" />
1120 <xs:attribute name="enableCrossAppRedirects" type="small_boolean_Type" use="optional" />
1121 <xs:attribute name="loginUrl" use="optional">
1122 <xs:simpleType>
1123 <xs:restriction base="xs:string">
1124 <xs:minLength value="1" />
1125 </xs:restriction>
1126 </xs:simpleType>
1127 </xs:attribute>
1128 <xs:attribute name="name" use="optional">
1129 <xs:simpleType>
1130 <xs:restriction base="xs:string">
1131 <xs:minLength value="1" />
1132 </xs:restriction>
1133 </xs:simpleType>
1134 </xs:attribute>
1135 <xs:attribute name="path" use="optional">
1136 <xs:simpleType>
1137 <xs:restriction base="xs:string">
1138 <xs:minLength value="1" />
1139 </xs:restriction>
1140 </xs:simpleType>
1141 </xs:attribute>
1142 <xs:attribute name="protection" use="optional">
1143 <xs:simpleType>
1144 <xs:restriction base="xs:NMTOKEN">
1145 <xs:enumeration value="All" />
1146 <xs:enumeration value="Encryption" />
1147 <xs:enumeration value="None" />
1148 <xs:enumeration value="Validation" />
1149 </xs:restriction>
1150 </xs:simpleType>
1151 </xs:attribute>
1152 <xs:attribute name="requireSSL" type="small_boolean_Type" use="optional" />
1153 <xs:attribute name="slidingExpiration" type="small_boolean_Type" use="optional" />
1154 <xs:attribute name="timeout" use="optional">
1155 <xs:simpleType>
1156 <xs:restriction base="xs:string">
1157 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1158 </xs:restriction>
1159 </xs:simpleType>
1160 </xs:attribute>
1161 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1162 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1163 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1164 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1165 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1166 </xs:complexType>
1167 </xs:element>
1168 <xs:element name="passport" vs:help="configuration/system.web/authentication/passport">
1169 <xs:complexType>
1170 <xs:attribute name="redirectUrl" use="optional">
1171 <xs:simpleType>
1172 <xs:restriction base="xs:string">
1173 <xs:minLength value="0" />
1174 </xs:restriction>
1175 </xs:simpleType>
1176 </xs:attribute>
1177 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1178 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1179 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1180 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1181 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1182 </xs:complexType>
1183 </xs:element>
1184 </xs:choice>
1185 <xs:attribute name="mode" use="optional">
1186 <xs:simpleType>
1187 <xs:restriction base="xs:NMTOKEN">
1188 <xs:enumeration value="Forms" />
1189 <xs:enumeration value="None" />
1190 <xs:enumeration value="Passport" />
1191 <xs:enumeration value="Windows" />
1192 </xs:restriction>
1193 </xs:simpleType>
1194 </xs:attribute>
1195 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1196 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1197 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1198 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1199 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1200 <xs:attribute name="configSource" type="xs:string" use="optional" />
1201 </xs:complexType>
1202 </xs:element>
1203 <xs:element name="authorization" vs:help="configuration/system.web/authorization">
1204 <xs:complexType>
1205 <xs:choice minOccurs="0" maxOccurs="unbounded">
1206 <xs:element name="allow" vs:help="configuration/system.web/authorization/allow">
1207 <xs:complexType>
1208 <xs:attribute name="roles" type="xs:string" use="optional" />
1209 <xs:attribute name="users" type="xs:string" use="optional" />
1210 <xs:attribute name="verbs" type="xs:string" use="optional" />
1211 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1212 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1213 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1214 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1215 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1216 </xs:complexType>
1217 </xs:element>
1218 <xs:element name="deny" vs:help="configuration/system.web/authorization/deny">
1219 <xs:complexType>
1220 <xs:attribute name="roles" type="xs:string" use="optional" />
1221 <xs:attribute name="users" type="xs:string" use="optional" />
1222 <xs:attribute name="verbs" type="xs:string" use="optional" />
1223 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1224 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1225 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1226 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1227 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1228 </xs:complexType>
1229 </xs:element>
1230 </xs:choice>
1231 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1232 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1233 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1234 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1235 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1236 <xs:attribute name="configSource" type="xs:string" use="optional" />
1237 </xs:complexType>
1238 </xs:element>
1239 <xs:element name="browserCaps" vs:help="configuration/system.web/browserCaps" />
1240 <xs:element name="clientTarget" vs:help="configuration/system.web/clientTarget">
1241 <xs:complexType>
1242 <xs:choice minOccurs="0" maxOccurs="unbounded">
1243 <xs:element name="add" vs:help="configuration/system.web/clientTarget/add">
1244 <xs:complexType>
1245 <xs:attribute name="alias" use="required">
1246 <xs:simpleType>
1247 <xs:restriction base="xs:string">
1248 <xs:minLength value="1" />
1249 </xs:restriction>
1250 </xs:simpleType>
1251 </xs:attribute>
1252 <xs:attribute name="userAgent" use="required">
1253 <xs:simpleType>
1254 <xs:restriction base="xs:string">
1255 <xs:minLength value="1" />
1256 </xs:restriction>
1257 </xs:simpleType>
1258 </xs:attribute>
1259 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1260 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1261 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1262 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1263 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1264 </xs:complexType>
1265 </xs:element>
1266 <xs:element name="remove" vs:help="configuration/system.web/clientTarget/remove">
1267 <xs:complexType>
1268 <xs:attribute name="alias" use="required">
1269 <xs:simpleType>
1270 <xs:restriction base="xs:string">
1271 <xs:minLength value="1" />
1272 </xs:restriction>
1273 </xs:simpleType>
1274 </xs:attribute>
1275 </xs:complexType>
1276 </xs:element>
1277 <xs:element name="clear" vs:help="configuration/system.web/clientTarget/clear">
1278 <xs:complexType>
1279 <!--tag is empty-->
1280 </xs:complexType>
1281 </xs:element>
1282 </xs:choice>
1283 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1284 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1285 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1286 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1287 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1288 <xs:attribute name="configSource" type="xs:string" use="optional" />
1289 </xs:complexType>
1290 </xs:element>
1291 <xs:element name="compilation" vs:help="configuration/system.web/compilation">
1292 <xs:complexType>
1293 <xs:choice minOccurs="0" maxOccurs="unbounded">
1294 <xs:element name="assemblies" vs:help="configuration/system.web/compilation/assemblies">
1295 <xs:complexType>
1296 <xs:choice minOccurs="0" maxOccurs="unbounded">
1297 <xs:element name="add" vs:help="configuration/system.web/compilation/assemblies/add">
1298 <xs:complexType>
1299 <xs:attribute name="assembly" use="required">
1300 <xs:simpleType>
1301 <xs:restriction base="xs:string">
1302 <xs:minLength value="1" />
1303 </xs:restriction>
1304 </xs:simpleType>
1305 </xs:attribute>
1306 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1307 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1308 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1309 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1310 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1311 </xs:complexType>
1312 </xs:element>
1313 <xs:element name="remove" vs:help="configuration/system.web/compilation/assemblies/remove">
1314 <xs:complexType>
1315 <xs:attribute name="assembly" use="required">
1316 <xs:simpleType>
1317 <xs:restriction base="xs:string">
1318 <xs:minLength value="1" />
1319 </xs:restriction>
1320 </xs:simpleType>
1321 </xs:attribute>
1322 </xs:complexType>
1323 </xs:element>
1324 <xs:element name="clear" vs:help="configuration/system.web/compilation/assemblies/clear">
1325 <xs:complexType>
1326 <!--tag is empty-->
1327 </xs:complexType>
1328 </xs:element>
1329 </xs:choice>
1330 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1331 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1332 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1333 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1334 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1335 </xs:complexType>
1336 </xs:element>
1337 <xs:element name="buildProviders" vs:help="configuration/system.web/compilation/buildProviders">
1338 <xs:complexType>
1339 <xs:choice minOccurs="0" maxOccurs="unbounded">
1340 <xs:element name="add" vs:help="configuration/system.web/compilation/buildProviders/add">
1341 <xs:complexType>
1342 <xs:attribute name="extension" use="required">
1343 <xs:simpleType>
1344 <xs:restriction base="xs:string">
1345 <xs:minLength value="1" />
1346 </xs:restriction>
1347 </xs:simpleType>
1348 </xs:attribute>
1349 <xs:attribute name="type" use="required">
1350 <xs:simpleType>
1351 <xs:restriction base="xs:string">
1352 <xs:minLength value="1" />
1353 </xs:restriction>
1354 </xs:simpleType>
1355 </xs:attribute>
1356 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1357 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1358 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1359 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1360 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1361 </xs:complexType>
1362 </xs:element>
1363 <xs:element name="remove" vs:help="configuration/system.web/compilation/buildProviders/remove">
1364 <xs:complexType>
1365 <xs:attribute name="extension" use="required">
1366 <xs:simpleType>
1367 <xs:restriction base="xs:string">
1368 <xs:minLength value="1" />
1369 </xs:restriction>
1370 </xs:simpleType>
1371 </xs:attribute>
1372 </xs:complexType>
1373 </xs:element>
1374 <xs:element name="clear" vs:help="configuration/system.web/compilation/buildProviders/clear">
1375 <xs:complexType>
1376 <!--tag is empty-->
1377 </xs:complexType>
1378 </xs:element>
1379 </xs:choice>
1380 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1381 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1382 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1383 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1384 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1385 </xs:complexType>
1386 </xs:element>
1387 <xs:element name="codeSubDirectories" vs:help="configuration/system.web/compilation/codeSubDirectories">
1388 <xs:complexType>
1389 <xs:choice minOccurs="0" maxOccurs="unbounded">
1390 <xs:element name="add" vs:help="configuration/system.web/compilation/codeSubDirectories/add">
1391 <xs:complexType>
1392 <xs:attribute name="directoryName" use="required">
1393 <xs:simpleType>
1394 <xs:restriction base="xs:string">
1395 <xs:whiteSpace value="collapse" />
1396 </xs:restriction>
1397 </xs:simpleType>
1398 </xs:attribute>
1399 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1400 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1401 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1402 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1403 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1404 </xs:complexType>
1405 </xs:element>
1406 </xs:choice>
1407 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1408 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1409 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1410 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1411 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1412 </xs:complexType>
1413 </xs:element>
1414 <xs:element name="expressionBuilders" vs:help="configuration/system.web/compilation/expressionBuilders">
1415 <xs:complexType>
1416 <xs:choice minOccurs="0" maxOccurs="unbounded">
1417 <xs:element name="add" vs:help="configuration/system.web/compilation/expressionBuilders/add">
1418 <xs:complexType>
1419 <xs:attribute name="expressionPrefix" use="required">
1420 <xs:simpleType>
1421 <xs:restriction base="xs:string">
1422 <xs:minLength value="1" />
1423 </xs:restriction>
1424 </xs:simpleType>
1425 </xs:attribute>
1426 <xs:attribute name="type" use="required">
1427 <xs:simpleType>
1428 <xs:restriction base="xs:string">
1429 <xs:minLength value="1" />
1430 </xs:restriction>
1431 </xs:simpleType>
1432 </xs:attribute>
1433 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1434 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1435 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1436 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1437 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1438 </xs:complexType>
1439 </xs:element>
1440 <xs:element name="remove" vs:help="configuration/system.web/compilation/expressionBuilders/remove">
1441 <xs:complexType>
1442 <xs:attribute name="expressionPrefix" use="required">
1443 <xs:simpleType>
1444 <xs:restriction base="xs:string">
1445 <xs:minLength value="1" />
1446 </xs:restriction>
1447 </xs:simpleType>
1448 </xs:attribute>
1449 </xs:complexType>
1450 </xs:element>
1451 <xs:element name="clear" vs:help="configuration/system.web/compilation/expressionBuilders/clear">
1452 <xs:complexType>
1453 <!--tag is empty-->
1454 </xs:complexType>
1455 </xs:element>
1456 </xs:choice>
1457 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1458 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1459 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1460 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1461 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1462 </xs:complexType>
1463 </xs:element>
1464 </xs:choice>
1465 <xs:attribute name="assemblyPostProcessorType" type="xs:string" use="optional" />
1466 <xs:attribute name="batch" type="small_boolean_Type" use="optional" />
1467 <xs:attribute name="batchTimeout" use="optional">
1468 <xs:simpleType>
1469 <xs:restriction base="xs:string">
1470 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1471 </xs:restriction>
1472 </xs:simpleType>
1473 </xs:attribute>
1474 <xs:attribute name="debug" type="small_boolean_Type" use="optional" />
1475 <xs:attribute name="defaultLanguage" type="xs:string" use="optional" />
1476 <xs:attribute name="explicit" type="small_boolean_Type" use="optional" />
1477 <xs:attribute name="maxBatchGeneratedFileSize" type="xs:int" use="optional" />
1478 <xs:attribute name="maxBatchSize" type="xs:int" use="optional" />
1479 <xs:attribute name="numRecompilesBeforeAppRestart" type="xs:int" use="optional" />
1480 <xs:attribute name="strict" type="small_boolean_Type" use="optional" />
1481 <xs:attribute name="tempDirectory" type="xs:string" use="optional" />
1482 <xs:attribute name="urlLinePragmas" type="small_boolean_Type" use="optional" />
1483 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1484 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1485 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1486 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1487 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1488 <xs:attribute name="configSource" type="xs:string" use="optional" />
1489 </xs:complexType>
1490 </xs:element>
1491 <xs:element name="customErrors" vs:help="configuration/system.web/customErrors">
1492 <xs:complexType>
1493 <xs:choice minOccurs="0" maxOccurs="unbounded">
1494 <xs:element name="error" vs:help="configuration/system.web/customErrors/error">
1495 <xs:complexType>
1496 <xs:attribute name="redirect" use="required">
1497 <xs:simpleType>
1498 <xs:restriction base="xs:string">
1499 <xs:minLength value="1" />
1500 </xs:restriction>
1501 </xs:simpleType>
1502 </xs:attribute>
1503 <xs:attribute name="statusCode" use="required">
1504 <xs:simpleType>
1505 <xs:restriction base="xs:int">
1506 <xs:minInclusive value="100" />
1507 <xs:maxInclusive value="999" />
1508 </xs:restriction>
1509 </xs:simpleType>
1510 </xs:attribute>
1511 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1512 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1513 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1514 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1515 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1516 </xs:complexType>
1517 </xs:element>
1518 </xs:choice>
1519 <xs:attribute name="defaultRedirect" type="xs:string" use="optional" />
1520 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1521 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1522 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1523 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1524 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1525 <xs:attribute name="mode" use="optional">
1526 <xs:simpleType>
1527 <xs:restriction base="xs:NMTOKEN">
1528 <xs:enumeration value="Off" />
1529 <xs:enumeration value="On" />
1530 <xs:enumeration value="RemoteOnly" />
1531 </xs:restriction>
1532 </xs:simpleType>
1533 </xs:attribute>
1534 <xs:attribute name="configSource" type="xs:string" use="optional" />
1535 </xs:complexType>
1536 </xs:element>
1537 <xs:element name="deployment" vs:help="configuration/system.web/deployment">
1538 <xs:complexType>
1539 <xs:attribute name="retail" type="small_boolean_Type" use="optional" />
1540 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1541 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1542 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1543 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1544 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1545 <xs:attribute name="configSource" type="xs:string" use="optional" />
1546 </xs:complexType>
1547 </xs:element>
1548 <xs:element name="deviceFilters" vs:help="configuration/system.web/deviceFilters">
1549 <xs:complexType>
1550 <xs:choice minOccurs="0" maxOccurs="unbounded">
1551 <xs:element name="filter" vs:help="configuration/system.web/deviceFilters/filter">
1552 <xs:complexType>
1553 <xs:attribute name="argument" use="optional">
1554 <xs:simpleType>
1555 <xs:restriction base="xs:string">
1556 <xs:minLength value="1" />
1557 </xs:restriction>
1558 </xs:simpleType>
1559 </xs:attribute>
1560 <xs:attribute name="compare" use="optional">
1561 <xs:simpleType>
1562 <xs:restriction base="xs:string">
1563 <xs:minLength value="1" />
1564 </xs:restriction>
1565 </xs:simpleType>
1566 </xs:attribute>
1567 <xs:attribute name="type" type="xs:string" use="optional" />
1568 <xs:attribute name="method" use="optional">
1569 <xs:simpleType>
1570 <xs:restriction base="xs:string">
1571 <xs:minLength value="1" />
1572 </xs:restriction>
1573 </xs:simpleType>
1574 </xs:attribute>
1575 <xs:attribute name="name" use="required">
1576 <xs:simpleType>
1577 <xs:restriction base="xs:string">
1578 <xs:minLength value="1" />
1579 </xs:restriction>
1580 </xs:simpleType>
1581 </xs:attribute>
1582 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1583 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1584 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1585 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1586 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1587 </xs:complexType>
1588 </xs:element>
1589 </xs:choice>
1590 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1591 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1592 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1593 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1594 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1595 <xs:attribute name="configSource" type="xs:string" use="optional" />
1596 </xs:complexType>
1597 </xs:element>
1598 <xs:element name="globalization" vs:help="configuration/system.web/globalization">
1599 <xs:complexType>
1600 <xs:attribute name="culture" type="xs:string" use="optional" />
1601 <xs:attribute name="enableBestFitResponseEncoding" type="small_boolean_Type" use="optional" />
1602 <xs:attribute name="enableClientBasedCulture" type="small_boolean_Type" use="optional" />
1603 <xs:attribute name="fileEncoding" type="xs:string" use="optional" />
1604 <xs:attribute name="requestEncoding" type="xs:string" use="optional" />
1605 <xs:attribute name="resourceProviderFactoryType" type="xs:string" use="optional" />
1606 <xs:attribute name="responseEncoding" type="xs:string" use="optional" />
1607 <xs:attribute name="responseHeaderEncoding" type="xs:string" use="optional" />
1608 <xs:attribute name="uiCulture" type="xs:string" use="optional" />
1609 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1610 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1611 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1612 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1613 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1614 <xs:attribute name="configSource" type="xs:string" use="optional" />
1615 </xs:complexType>
1616 </xs:element>
1617 <xs:element name="healthMonitoring" vs:help="configuration/system.web/healthMonitoring">
1618 <xs:complexType>
1619 <xs:choice minOccurs="0" maxOccurs="unbounded">
1620 <xs:element name="bufferModes" vs:help="configuration/system.web/healthMonitoring/bufferModes">
1621 <xs:complexType>
1622 <xs:choice minOccurs="0" maxOccurs="unbounded">
1623 <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/bufferModes/add">
1624 <xs:complexType>
1625 <xs:attribute name="maxBufferSize" use="required">
1626 <xs:simpleType>
1627 <xs:union memberTypes="xs:int Infinite">
1628 <xs:simpleType>
1629 <xs:restriction base="xs:int">
1630 <xs:minInclusive value="1" />
1631 </xs:restriction>
1632 </xs:simpleType>
1633 </xs:union>
1634 </xs:simpleType>
1635 </xs:attribute>
1636 <xs:attribute name="maxBufferThreads" use="optional">
1637 <xs:simpleType>
1638 <xs:union memberTypes="xs:int Infinite">
1639 <xs:simpleType>
1640 <xs:restriction base="xs:int">
1641 <xs:minInclusive value="1" />
1642 </xs:restriction>
1643 </xs:simpleType>
1644 </xs:union>
1645 </xs:simpleType>
1646 </xs:attribute>
1647 <xs:attribute name="maxFlushSize" use="required">
1648 <xs:simpleType>
1649 <xs:union memberTypes="xs:int Infinite">
1650 <xs:simpleType>
1651 <xs:restriction base="xs:int">
1652 <xs:minInclusive value="1" />
1653 </xs:restriction>
1654 </xs:simpleType>
1655 </xs:union>
1656 </xs:simpleType>
1657 </xs:attribute>
1658 <xs:attribute name="name" use="required">
1659 <xs:simpleType>
1660 <xs:restriction base="xs:string">
1661 <xs:minLength value="1" />
1662 </xs:restriction>
1663 </xs:simpleType>
1664 </xs:attribute>
1665 <xs:attribute name="regularFlushInterval" use="required">
1666 <xs:simpleType>
1667 <xs:restriction base="xs:string">
1668 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1669 </xs:restriction>
1670 </xs:simpleType>
1671 </xs:attribute>
1672 <xs:attribute name="urgentFlushInterval" type="xs:string" use="required" />
1673 <xs:attribute name="urgentFlushThreshold" use="required">
1674 <xs:simpleType>
1675 <xs:union memberTypes="xs:int Infinite">
1676 <xs:simpleType>
1677 <xs:restriction base="xs:int">
1678 <xs:minInclusive value="1" />
1679 </xs:restriction>
1680 </xs:simpleType>
1681 </xs:union>
1682 </xs:simpleType>
1683 </xs:attribute>
1684 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1685 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1686 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1687 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1688 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1689 </xs:complexType>
1690 </xs:element>
1691 <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/bufferModes/remove">
1692 <xs:complexType>
1693 <xs:attribute name="name" use="required">
1694 <xs:simpleType>
1695 <xs:restriction base="xs:string">
1696 <xs:minLength value="1" />
1697 </xs:restriction>
1698 </xs:simpleType>
1699 </xs:attribute>
1700 </xs:complexType>
1701 </xs:element>
1702 <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/bufferModes/clear">
1703 <xs:complexType>
1704 <!--tag is empty-->
1705 </xs:complexType>
1706 </xs:element>
1707 </xs:choice>
1708 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1709 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1710 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1711 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1712 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1713 </xs:complexType>
1714 </xs:element>
1715 <xs:element name="eventMappings" vs:help="configuration/system.web/healthMonitoring/eventMappings">
1716 <xs:complexType>
1717 <xs:choice minOccurs="0" maxOccurs="unbounded">
1718 <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/eventMappings/add">
1719 <xs:complexType>
1720 <xs:attribute name="endEventCode" use="optional">
1721 <xs:simpleType>
1722 <xs:restriction base="xs:int">
1723 <xs:minInclusive value="0" />
1724 </xs:restriction>
1725 </xs:simpleType>
1726 </xs:attribute>
1727 <xs:attribute name="name" type="xs:string" use="required" />
1728 <xs:attribute name="startEventCode" use="optional">
1729 <xs:simpleType>
1730 <xs:restriction base="xs:int">
1731 <xs:minInclusive value="0" />
1732 </xs:restriction>
1733 </xs:simpleType>
1734 </xs:attribute>
1735 <xs:attribute name="type" type="xs:string" use="required" />
1736 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1737 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1738 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1739 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1740 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1741 </xs:complexType>
1742 </xs:element>
1743 <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/eventMappings/remove">
1744 <xs:complexType>
1745 <xs:attribute name="name" type="xs:string" use="required" />
1746 </xs:complexType>
1747 </xs:element>
1748 <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/eventMappings/clear">
1749 <xs:complexType>
1750 <!--tag is empty-->
1751 </xs:complexType>
1752 </xs:element>
1753 </xs:choice>
1754 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1755 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1756 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1757 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1758 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1759 </xs:complexType>
1760 </xs:element>
1761 <xs:element name="profiles" vs:help="configuration/system.web/healthMonitoring/profiles">
1762 <xs:complexType>
1763 <xs:choice minOccurs="0" maxOccurs="unbounded">
1764 <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/profiles/add">
1765 <xs:complexType>
1766 <xs:attribute name="custom" type="xs:string" use="optional" />
1767 <xs:attribute name="maxLimit" use="optional">
1768 <xs:simpleType>
1769 <xs:union memberTypes="xs:int Infinite">
1770 <xs:simpleType>
1771 <xs:restriction base="xs:int">
1772 <xs:minInclusive value="0" />
1773 </xs:restriction>
1774 </xs:simpleType>
1775 </xs:union>
1776 </xs:simpleType>
1777 </xs:attribute>
1778 <xs:attribute name="minInstances" use="optional">
1779 <xs:simpleType>
1780 <xs:restriction base="xs:int">
1781 <xs:minInclusive value="1" />
1782 </xs:restriction>
1783 </xs:simpleType>
1784 </xs:attribute>
1785 <xs:attribute name="minInterval" type="xs:string" use="optional" />
1786 <xs:attribute name="name" use="required">
1787 <xs:simpleType>
1788 <xs:restriction base="xs:string">
1789 <xs:minLength value="1" />
1790 </xs:restriction>
1791 </xs:simpleType>
1792 </xs:attribute>
1793 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1794 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1795 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1796 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1797 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1798 </xs:complexType>
1799 </xs:element>
1800 <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/profiles/remove">
1801 <xs:complexType>
1802 <xs:attribute name="name" use="required">
1803 <xs:simpleType>
1804 <xs:restriction base="xs:string">
1805 <xs:minLength value="1" />
1806 </xs:restriction>
1807 </xs:simpleType>
1808 </xs:attribute>
1809 </xs:complexType>
1810 </xs:element>
1811 <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/profiles/clear">
1812 <xs:complexType>
1813 <!--tag is empty-->
1814 </xs:complexType>
1815 </xs:element>
1816 </xs:choice>
1817 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1818 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1819 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1820 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1821 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1822 </xs:complexType>
1823 </xs:element>
1824 <xs:element name="providers" vs:help="configuration/system.web/healthMonitoring/providers">
1825 <xs:complexType>
1826 <xs:choice minOccurs="0" maxOccurs="unbounded">
1827 <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/providers/add">
1828 <xs:complexType>
1829 <xs:attribute name="name" type="xs:string" use="required" />
1830 <xs:attribute name="type" type="xs:string" use="required" />
1831 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1832 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1833 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1834 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1835 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1836 <xs:anyAttribute processContents="skip" />
1837 </xs:complexType>
1838 </xs:element>
1839 <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/providers/remove">
1840 <xs:complexType>
1841 <xs:attribute name="name" type="xs:string" use="required" />
1842 </xs:complexType>
1843 </xs:element>
1844 <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/providers/clear">
1845 <xs:complexType>
1846 <!--tag is empty-->
1847 </xs:complexType>
1848 </xs:element>
1849 </xs:choice>
1850 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1851 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1852 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1853 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1854 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1855 </xs:complexType>
1856 </xs:element>
1857 <xs:element name="rules" vs:help="configuration/system.web/healthMonitoring/rules">
1858 <xs:complexType>
1859 <xs:choice minOccurs="0" maxOccurs="unbounded">
1860 <xs:element name="add" vs:help="configuration/system.web/healthMonitoring/rules/add">
1861 <xs:complexType>
1862 <xs:attribute name="custom" type="xs:string" use="optional" />
1863 <xs:attribute name="eventName" type="xs:string" use="required" />
1864 <xs:attribute name="maxLimit" use="optional">
1865 <xs:simpleType>
1866 <xs:union memberTypes="xs:int Infinite">
1867 <xs:simpleType>
1868 <xs:restriction base="xs:int">
1869 <xs:minInclusive value="0" />
1870 </xs:restriction>
1871 </xs:simpleType>
1872 </xs:union>
1873 </xs:simpleType>
1874 </xs:attribute>
1875 <xs:attribute name="minInstances" use="optional">
1876 <xs:simpleType>
1877 <xs:restriction base="xs:int">
1878 <xs:minInclusive value="1" />
1879 </xs:restriction>
1880 </xs:simpleType>
1881 </xs:attribute>
1882 <xs:attribute name="minInterval" type="xs:string" use="optional" />
1883 <xs:attribute name="name" use="required">
1884 <xs:simpleType>
1885 <xs:restriction base="xs:string">
1886 <xs:minLength value="1" />
1887 </xs:restriction>
1888 </xs:simpleType>
1889 </xs:attribute>
1890 <xs:attribute name="profile" type="xs:string" use="optional" />
1891 <xs:attribute name="provider" type="xs:string" use="optional" />
1892 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1893 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1894 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1895 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1896 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1897 </xs:complexType>
1898 </xs:element>
1899 <xs:element name="remove" vs:help="configuration/system.web/healthMonitoring/rules/remove">
1900 <xs:complexType>
1901 <xs:attribute name="name" use="required">
1902 <xs:simpleType>
1903 <xs:restriction base="xs:string">
1904 <xs:minLength value="1" />
1905 </xs:restriction>
1906 </xs:simpleType>
1907 </xs:attribute>
1908 </xs:complexType>
1909 </xs:element>
1910 <xs:element name="clear" vs:help="configuration/system.web/healthMonitoring/rules/clear">
1911 <xs:complexType>
1912 <!--tag is empty-->
1913 </xs:complexType>
1914 </xs:element>
1915 </xs:choice>
1916 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1917 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1918 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1919 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1920 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1921 </xs:complexType>
1922 </xs:element>
1923 </xs:choice>
1924 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
1925 <xs:attribute name="heartbeatInterval" use="optional">
1926 <xs:simpleType>
1927 <xs:restriction base="xs:string">
1928 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1929 </xs:restriction>
1930 </xs:simpleType>
1931 </xs:attribute>
1932 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1933 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1934 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1935 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1936 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1937 <xs:attribute name="configSource" type="xs:string" use="optional" />
1938 </xs:complexType>
1939 </xs:element>
1940 <xs:element name="hostingEnvironment" vs:help="configuration/system.web/hostingEnvironment">
1941 <xs:complexType>
1942 <xs:attribute name="idleTimeout" use="optional">
1943 <xs:simpleType>
1944 <xs:restriction base="xs:string">
1945 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1946 </xs:restriction>
1947 </xs:simpleType>
1948 </xs:attribute>
1949 <xs:attribute name="shadowCopyBinAssemblies" type="small_boolean_Type" use="optional" />
1950 <xs:attribute name="shutdownTimeout" use="optional">
1951 <xs:simpleType>
1952 <xs:restriction base="xs:string">
1953 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
1954 </xs:restriction>
1955 </xs:simpleType>
1956 </xs:attribute>
1957 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1958 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1959 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1960 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1961 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1962 <xs:attribute name="configSource" type="xs:string" use="optional" />
1963 </xs:complexType>
1964 </xs:element>
1965 <xs:element name="httpCookies" vs:help="configuration/system.web/httpCookies">
1966 <xs:complexType>
1967 <xs:attribute name="domain" type="xs:string" use="optional" />
1968 <xs:attribute name="httpOnlyCookies" type="small_boolean_Type" use="optional" />
1969 <xs:attribute name="requireSSL" type="small_boolean_Type" use="optional" />
1970 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1971 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1972 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1973 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1974 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1975 <xs:attribute name="configSource" type="xs:string" use="optional" />
1976 </xs:complexType>
1977 </xs:element>
1978 <xs:element name="httpHandlers" vs:help="configuration/system.web/httpHandlers">
1979 <xs:complexType>
1980 <xs:choice minOccurs="0" maxOccurs="unbounded">
1981 <xs:element name="add" vs:help="configuration/system.web/httpHandlers/add">
1982 <xs:complexType>
1983 <xs:attribute name="path" type="xs:string" use="required" />
1984 <xs:attribute name="type" type="xs:string" use="required" />
1985 <xs:attribute name="validate" type="small_boolean_Type" use="optional" />
1986 <xs:attribute name="verb" type="xs:string" use="required" />
1987 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
1988 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
1989 <xs:attribute name="lockElements" type="xs:string" use="optional" />
1990 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
1991 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
1992 </xs:complexType>
1993 </xs:element>
1994 <xs:element name="remove" vs:help="configuration/system.web/httpHandlers/remove">
1995 <xs:complexType>
1996 <xs:attribute name="path" type="xs:string" use="required" />
1997 <xs:attribute name="verb" type="xs:string" use="required" />
1998 </xs:complexType>
1999 </xs:element>
2000 <xs:element name="clear" vs:help="configuration/system.web/httpHandlers/clear">
2001 <xs:complexType>
2002 <!--tag is empty-->
2003 </xs:complexType>
2004 </xs:element>
2005 </xs:choice>
2006 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2007 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2008 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2009 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2010 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2011 <xs:attribute name="configSource" type="xs:string" use="optional" />
2012 </xs:complexType>
2013 </xs:element>
2014 <xs:element name="httpModules" vs:help="configuration/system.web/httpModules">
2015 <xs:complexType>
2016 <xs:choice minOccurs="0" maxOccurs="unbounded">
2017 <xs:element name="add" vs:help="configuration/system.web/httpModules/add">
2018 <xs:complexType>
2019 <xs:attribute name="name" use="required">
2020 <xs:simpleType>
2021 <xs:restriction base="xs:string">
2022 <xs:minLength value="1" />
2023 </xs:restriction>
2024 </xs:simpleType>
2025 </xs:attribute>
2026 <xs:attribute name="type" type="xs:string" use="required" />
2027 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2028 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2029 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2030 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2031 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2032 </xs:complexType>
2033 </xs:element>
2034 <xs:element name="remove" vs:help="configuration/system.web/httpModules/remove">
2035 <xs:complexType>
2036 <xs:attribute name="name" use="required">
2037 <xs:simpleType>
2038 <xs:restriction base="xs:string">
2039 <xs:minLength value="1" />
2040 </xs:restriction>
2041 </xs:simpleType>
2042 </xs:attribute>
2043 </xs:complexType>
2044 </xs:element>
2045 <xs:element name="clear" vs:help="configuration/system.web/httpModules/clear">
2046 <xs:complexType>
2047 <!--tag is empty-->
2048 </xs:complexType>
2049 </xs:element>
2050 </xs:choice>
2051 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2052 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2053 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2054 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2055 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2056 <xs:attribute name="configSource" type="xs:string" use="optional" />
2057 </xs:complexType>
2058 </xs:element>
2059 <xs:element name="httpRuntime" vs:help="configuration/system.web/httpRuntime">
2060 <xs:complexType>
2061 <xs:attribute name="apartmentThreading" type="small_boolean_Type" use="optional" />
2062 <xs:attribute name="appRequestQueueLimit" use="optional">
2063 <xs:simpleType>
2064 <xs:restriction base="xs:int">
2065 <xs:minInclusive value="1" />
2066 </xs:restriction>
2067 </xs:simpleType>
2068 </xs:attribute>
2069 <xs:attribute name="delayNotificationTimeout" type="xs:string" use="optional" />
2070 <xs:attribute name="enable" type="small_boolean_Type" use="optional" />
2071 <xs:attribute name="enableHeaderChecking" type="small_boolean_Type" use="optional" />
2072 <xs:attribute name="enableKernelOutputCache" type="small_boolean_Type" use="optional" />
2073 <xs:attribute name="enableVersionHeader" type="small_boolean_Type" use="optional" />
2074 <xs:attribute name="executionTimeout" use="optional">
2075 <xs:simpleType>
2076 <xs:restriction base="xs:string">
2077 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
2078 </xs:restriction>
2079 </xs:simpleType>
2080 </xs:attribute>
2081 <xs:attribute name="maxRequestLength" use="optional">
2082 <xs:simpleType>
2083 <xs:restriction base="xs:int">
2084 <xs:minInclusive value="0" />
2085 </xs:restriction>
2086 </xs:simpleType>
2087 </xs:attribute>
2088 <xs:attribute name="maxWaitChangeNotification" use="optional">
2089 <xs:simpleType>
2090 <xs:restriction base="xs:int">
2091 <xs:minInclusive value="0" />
2092 </xs:restriction>
2093 </xs:simpleType>
2094 </xs:attribute>
2095 <xs:attribute name="minFreeThreads" use="optional">
2096 <xs:simpleType>
2097 <xs:restriction base="xs:int">
2098 <xs:minInclusive value="0" />
2099 </xs:restriction>
2100 </xs:simpleType>
2101 </xs:attribute>
2102 <xs:attribute name="minLocalRequestFreeThreads" use="optional">
2103 <xs:simpleType>
2104 <xs:restriction base="xs:int">
2105 <xs:minInclusive value="0" />
2106 </xs:restriction>
2107 </xs:simpleType>
2108 </xs:attribute>
2109 <xs:attribute name="requestLengthDiskThreshold" use="optional">
2110 <xs:simpleType>
2111 <xs:restriction base="xs:int">
2112 <xs:minInclusive value="1" />
2113 </xs:restriction>
2114 </xs:simpleType>
2115 </xs:attribute>
2116 <xs:attribute name="requireRootedSaveAsPath" type="small_boolean_Type" use="optional" />
2117 <xs:attribute name="sendCacheControlHeader" type="small_boolean_Type" use="optional" />
2118 <xs:attribute name="shutdownTimeout" type="xs:string" use="optional" />
2119 <xs:attribute name="useFullyQualifiedRedirectUrl" type="small_boolean_Type" use="optional" />
2120 <xs:attribute name="waitChangeNotification" use="optional">
2121 <xs:simpleType>
2122 <xs:restriction base="xs:int">
2123 <xs:minInclusive value="0" />
2124 </xs:restriction>
2125 </xs:simpleType>
2126 </xs:attribute>
2127 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2128 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2129 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2130 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2131 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2132 <xs:attribute name="configSource" type="xs:string" use="optional" />
2133 </xs:complexType>
2134 </xs:element>
2135 <xs:element name="identity" vs:help="configuration/system.web/identity">
2136 <xs:complexType>
2137 <xs:attribute name="impersonate" type="small_boolean_Type" use="optional" />
2138 <xs:attribute name="password" type="xs:string" use="optional" />
2139 <xs:attribute name="userName" type="xs:string" use="optional" />
2140 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2141 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2142 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2143 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2144 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2145 <xs:attribute name="configSource" type="xs:string" use="optional" />
2146 </xs:complexType>
2147 </xs:element>
2148 <xs:element name="machineKey" vs:help="configuration/system.web/machineKey">
2149 <xs:complexType>
2150 <xs:attribute name="decryption" use="optional">
2151 <xs:simpleType>
2152 <xs:restriction base="xs:string">
2153 <xs:minLength value="1" />
2154 <xs:whiteSpace value="collapse" />
2155 </xs:restriction>
2156 </xs:simpleType>
2157 </xs:attribute>
2158 <xs:attribute name="decryptionKey" use="optional">
2159 <xs:simpleType>
2160 <xs:restriction base="xs:string">
2161 <xs:minLength value="1" />
2162 <xs:whiteSpace value="collapse" />
2163 </xs:restriction>
2164 </xs:simpleType>
2165 </xs:attribute>
2166 <xs:attribute name="validation" use="optional">
2167 <xs:simpleType>
2168 <xs:restriction base="xs:NMTOKEN">
2169 <xs:enumeration value="AES" />
2170 <xs:enumeration value="MD5" />
2171 <xs:enumeration value="SHA1" />
2172 <xs:enumeration value="3DES" />
2173 </xs:restriction>
2174 </xs:simpleType>
2175 </xs:attribute>
2176 <xs:attribute name="validationKey" use="optional">
2177 <xs:simpleType>
2178 <xs:restriction base="xs:string">
2179 <xs:minLength value="1" />
2180 <xs:whiteSpace value="collapse" />
2181 </xs:restriction>
2182 </xs:simpleType>
2183 </xs:attribute>
2184 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2185 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2186 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2187 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2188 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2189 <xs:attribute name="configSource" type="xs:string" use="optional" />
2190 </xs:complexType>
2191 </xs:element>
2192 <xs:element name="membership" vs:help="configuration/system.web/membership">
2193 <xs:complexType>
2194 <xs:choice minOccurs="0" maxOccurs="unbounded">
2195 <xs:element name="providers" vs:help="configuration/system.web/membership/providers">
2196 <xs:complexType>
2197 <xs:choice minOccurs="0" maxOccurs="unbounded">
2198 <xs:element name="add" vs:help="configuration/system.web/membership/providers/add">
2199 <xs:complexType>
2200 <xs:attribute name="name" type="xs:string" use="required" />
2201 <xs:attribute name="type" type="xs:string" use="required" />
2202 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2203 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2204 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2205 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2206 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2207 <xs:anyAttribute processContents="skip" />
2208 </xs:complexType>
2209 </xs:element>
2210 <xs:element name="remove" vs:help="configuration/system.web/membership/providers/remove">
2211 <xs:complexType>
2212 <xs:attribute name="name" type="xs:string" use="required" />
2213 </xs:complexType>
2214 </xs:element>
2215 <xs:element name="clear" vs:help="configuration/system.web/membership/providers/clear">
2216 <xs:complexType>
2217 <!--tag is empty-->
2218 </xs:complexType>
2219 </xs:element>
2220 </xs:choice>
2221 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2222 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2223 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2224 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2225 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2226 </xs:complexType>
2227 </xs:element>
2228 </xs:choice>
2229 <xs:attribute name="defaultProvider" use="optional">
2230 <xs:simpleType>
2231 <xs:restriction base="xs:string">
2232 <xs:minLength value="1" />
2233 </xs:restriction>
2234 </xs:simpleType>
2235 </xs:attribute>
2236 <xs:attribute name="hashAlgorithmType" type="xs:string" use="optional" />
2237 <xs:attribute name="userIsOnlineTimeWindow" use="optional">
2238 <xs:simpleType>
2239 <xs:restriction base="xs:string">
2240 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
2241 </xs:restriction>
2242 </xs:simpleType>
2243 </xs:attribute>
2244 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2245 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2246 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2247 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2248 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2249 <xs:attribute name="configSource" type="xs:string" use="optional" />
2250 </xs:complexType>
2251 </xs:element>
2252 <xs:element name="mobileControls" vs:help="configuration/system.web/mobileControls">
2253 <xs:complexType>
2254 <xs:choice minOccurs="0" maxOccurs="unbounded">
2255 <xs:element name="device" vs:help="configuration/system.web/mobileControls/device">
2256 <xs:complexType>
2257 <xs:choice minOccurs="0" maxOccurs="unbounded">
2258 <xs:element name="control" vs:help="configuration/system.web/mobileControls/DeviceElement/control">
2259 <xs:complexType>
2260 <xs:attribute name="adapter" type="xs:string" use="required" />
2261 <xs:attribute name="name" use="required">
2262 <xs:simpleType>
2263 <xs:restriction base="xs:string">
2264 <xs:minLength value="1" />
2265 </xs:restriction>
2266 </xs:simpleType>
2267 </xs:attribute>
2268 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2269 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2270 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2271 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2272 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2273 </xs:complexType>
2274 </xs:element>
2275 <xs:element name="remove" vs:help="configuration/system.web/mobileControls/DeviceElement/remove">
2276 <xs:complexType>
2277 <xs:attribute name="name" use="required">
2278 <xs:simpleType>
2279 <xs:restriction base="xs:string">
2280 <xs:minLength value="1" />
2281 </xs:restriction>
2282 </xs:simpleType>
2283 </xs:attribute>
2284 </xs:complexType>
2285 </xs:element>
2286 <xs:element name="clear" vs:help="configuration/system.web/mobileControls/DeviceElement/clear">
2287 <xs:complexType>
2288 <!--tag is empty-->
2289 </xs:complexType>
2290 </xs:element>
2291 </xs:choice>
2292 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2293 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2294 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2295 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2296 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2297 <xs:attribute name="inheritsFrom" use="optional">
2298 <xs:simpleType>
2299 <xs:restriction base="xs:string">
2300 <xs:minLength value="1" />
2301 </xs:restriction>
2302 </xs:simpleType>
2303 </xs:attribute>
2304 <xs:attribute name="name" use="required">
2305 <xs:simpleType>
2306 <xs:restriction base="xs:string">
2307 <xs:minLength value="1" />
2308 </xs:restriction>
2309 </xs:simpleType>
2310 </xs:attribute>
2311 <xs:attribute name="pageAdapter" type="xs:string" use="optional" />
2312 <xs:attribute name="predicateClass" type="xs:string" use="optional" />
2313 <xs:attribute name="predicateMethod" use="optional">
2314 <xs:simpleType>
2315 <xs:restriction base="xs:string">
2316 <xs:minLength value="1" />
2317 </xs:restriction>
2318 </xs:simpleType>
2319 </xs:attribute>
2320 </xs:complexType>
2321 </xs:element>
2322 <xs:element name="remove" vs:help="configuration/system.web/mobileControls/remove">
2323 <xs:complexType>
2324 <xs:choice minOccurs="0" maxOccurs="unbounded">
2325 <xs:element name="control" vs:help="configuration/system.web/mobileControls/DeviceElement/control">
2326 <xs:complexType>
2327 <xs:attribute name="adapter" type="xs:string" use="required" />
2328 <xs:attribute name="name" use="required">
2329 <xs:simpleType>
2330 <xs:restriction base="xs:string">
2331 <xs:minLength value="1" />
2332 </xs:restriction>
2333 </xs:simpleType>
2334 </xs:attribute>
2335 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2336 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2337 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2338 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2339 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2340 </xs:complexType>
2341 </xs:element>
2342 <xs:element name="remove" vs:help="configuration/system.web/mobileControls/DeviceElement/remove">
2343 <xs:complexType>
2344 <xs:attribute name="name" use="required">
2345 <xs:simpleType>
2346 <xs:restriction base="xs:string">
2347 <xs:minLength value="1" />
2348 </xs:restriction>
2349 </xs:simpleType>
2350 </xs:attribute>
2351 </xs:complexType>
2352 </xs:element>
2353 <xs:element name="clear" vs:help="configuration/system.web/mobileControls/DeviceElement/clear">
2354 <xs:complexType>
2355 <!--tag is empty-->
2356 </xs:complexType>
2357 </xs:element>
2358 </xs:choice>
2359 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2360 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2361 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2362 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2363 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2364 <xs:attribute name="name" use="required">
2365 <xs:simpleType>
2366 <xs:restriction base="xs:string">
2367 <xs:minLength value="1" />
2368 </xs:restriction>
2369 </xs:simpleType>
2370 </xs:attribute>
2371 </xs:complexType>
2372 </xs:element>
2373 <xs:element name="clear" vs:help="configuration/system.web/mobileControls/clear">
2374 <xs:complexType>
2375 <!--tag is empty-->
2376 </xs:complexType>
2377 </xs:element>
2378 </xs:choice>
2379 <xs:attribute name="allowCustomAttributes" type="small_boolean_Type" use="optional" />
2380 <xs:attribute name="cookielessDataDictionaryType" type="xs:string" use="optional" />
2381 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2382 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2383 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2384 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2385 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2386 <xs:attribute name="sessionStateHistorySize" use="optional">
2387 <xs:simpleType>
2388 <xs:restriction base="xs:int">
2389 <xs:minInclusive value="0" />
2390 </xs:restriction>
2391 </xs:simpleType>
2392 </xs:attribute>
2393 <xs:attribute name="configSource" type="xs:string" use="optional" />
2394 </xs:complexType>
2395 </xs:element>
2396 <xs:element name="pages" vs:help="configuration/system.web/pages">
2397 <xs:complexType>
2398 <xs:choice minOccurs="0" maxOccurs="unbounded">
2399 <xs:element name="controls" vs:help="configuration/system.web/pages/controls">
2400 <xs:complexType>
2401 <xs:choice minOccurs="0" maxOccurs="unbounded">
2402 <xs:element name="add" vs:help="configuration/system.web/pages/controls/add">
2403 <xs:complexType>
2404 <xs:attribute name="assembly" type="xs:string" use="optional" />
2405 <xs:attribute name="namespace" type="xs:string" use="optional" />
2406 <xs:attribute name="src" type="xs:string" use="optional" />
2407 <xs:attribute name="tagName" type="xs:string" use="optional" />
2408 <xs:attribute name="tagPrefix" use="required">
2409 <xs:simpleType>
2410 <xs:restriction base="xs:string">
2411 <xs:minLength value="1" />
2412 </xs:restriction>
2413 </xs:simpleType>
2414 </xs:attribute>
2415 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2416 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2417 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2418 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2419 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2420 </xs:complexType>
2421 </xs:element>
2422 </xs:choice>
2423 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2424 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2425 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2426 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2427 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2428 </xs:complexType>
2429 </xs:element>
2430 <xs:element name="namespaces" vs:help="configuration/system.web/pages/namespaces">
2431 <xs:complexType>
2432 <xs:choice minOccurs="0" maxOccurs="unbounded">
2433 <xs:element name="add" vs:help="configuration/system.web/pages/namespaces/add">
2434 <xs:complexType>
2435 <xs:attribute name="namespace" use="required">
2436 <xs:simpleType>
2437 <xs:restriction base="xs:string">
2438 <xs:minLength value="1" />
2439 </xs:restriction>
2440 </xs:simpleType>
2441 </xs:attribute>
2442 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2443 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2444 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2445 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2446 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2447 </xs:complexType>
2448 </xs:element>
2449 <xs:element name="remove" vs:help="configuration/system.web/pages/namespaces/remove">
2450 <xs:complexType>
2451 <xs:attribute name="namespace" use="required">
2452 <xs:simpleType>
2453 <xs:restriction base="xs:string">
2454 <xs:minLength value="1" />
2455 </xs:restriction>
2456 </xs:simpleType>
2457 </xs:attribute>
2458 </xs:complexType>
2459 </xs:element>
2460 <xs:element name="clear" vs:help="configuration/system.web/pages/namespaces/clear">
2461 <xs:complexType>
2462 <!--tag is empty-->
2463 </xs:complexType>
2464 </xs:element>
2465 </xs:choice>
2466 <xs:attribute name="autoImportVBNamespace" type="small_boolean_Type" use="optional" />
2467 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2468 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2469 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2470 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2471 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2472 </xs:complexType>
2473 </xs:element>
2474 <xs:element name="tagMapping" vs:help="configuration/system.web/pages/tagMapping">
2475 <xs:complexType>
2476 <xs:choice minOccurs="0" maxOccurs="unbounded">
2477 <xs:element name="add" vs:help="configuration/system.web/pages/tagMapping/add">
2478 <xs:complexType>
2479 <xs:attribute name="mappedTagType" use="optional">
2480 <xs:simpleType>
2481 <xs:restriction base="xs:string">
2482 <xs:minLength value="1" />
2483 </xs:restriction>
2484 </xs:simpleType>
2485 </xs:attribute>
2486 <xs:attribute name="tagType" use="required">
2487 <xs:simpleType>
2488 <xs:restriction base="xs:string">
2489 <xs:minLength value="1" />
2490 </xs:restriction>
2491 </xs:simpleType>
2492 </xs:attribute>
2493 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2494 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2495 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2496 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2497 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2498 </xs:complexType>
2499 </xs:element>
2500 <xs:element name="remove" vs:help="configuration/system.web/pages/tagMapping/remove">
2501 <xs:complexType>
2502 <xs:attribute name="tagType" use="required">
2503 <xs:simpleType>
2504 <xs:restriction base="xs:string">
2505 <xs:minLength value="1" />
2506 </xs:restriction>
2507 </xs:simpleType>
2508 </xs:attribute>
2509 </xs:complexType>
2510 </xs:element>
2511 <xs:element name="clear" vs:help="configuration/system.web/pages/tagMapping/clear">
2512 <xs:complexType>
2513 <!--tag is empty-->
2514 </xs:complexType>
2515 </xs:element>
2516 </xs:choice>
2517 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2518 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2519 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2520 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2521 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2522 </xs:complexType>
2523 </xs:element>
2524 </xs:choice>
2525 <xs:attribute name="asyncTimeout" use="optional">
2526 <xs:simpleType>
2527 <xs:restriction base="xs:string">
2528 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
2529 </xs:restriction>
2530 </xs:simpleType>
2531 </xs:attribute>
2532 <xs:attribute name="autoEventWireup" type="small_boolean_Type" use="optional" />
2533 <xs:attribute name="buffer" type="small_boolean_Type" use="optional" />
2534 <xs:attribute name="compilationMode" use="optional">
2535 <xs:simpleType>
2536 <xs:restriction base="xs:NMTOKEN">
2537 <xs:enumeration value="Always" />
2538 <xs:enumeration value="Auto" />
2539 <xs:enumeration value="Never" />
2540 </xs:restriction>
2541 </xs:simpleType>
2542 </xs:attribute>
2543 <xs:attribute name="enableEventValidation" type="small_boolean_Type" use="optional" />
2544 <xs:attribute name="enableSessionState" use="optional">
2545 <xs:simpleType>
2546 <xs:restriction base="xs:NMTOKEN">
2547 <xs:enumeration value="false" />
2548 <xs:enumeration value="ReadOnly" />
2549 <xs:enumeration value="true" />
2550 </xs:restriction>
2551 </xs:simpleType>
2552 </xs:attribute>
2553 <xs:attribute name="enableViewState" type="small_boolean_Type" use="optional" />
2554 <xs:attribute name="enableViewStateMac" type="small_boolean_Type" use="optional" />
2555 <xs:attribute name="maintainScrollPositionOnPostBack" type="small_boolean_Type" use="optional" />
2556 <xs:attribute name="masterPageFile" type="xs:string" use="optional" />
2557 <xs:attribute name="maxPageStateFieldLength" type="xs:int" use="optional" />
2558 <xs:attribute name="pageBaseType" type="xs:string" use="optional" />
2559 <xs:attribute name="pageParserFilterType" type="xs:string" use="optional" />
2560 <xs:attribute name="smartNavigation" type="small_boolean_Type" use="optional" />
2561 <xs:attribute name="styleSheetTheme" type="xs:string" use="optional" />
2562 <xs:attribute name="theme" type="xs:string" use="optional" />
2563 <xs:attribute name="userControlBaseType" type="xs:string" use="optional" />
2564 <xs:attribute name="validateRequest" type="small_boolean_Type" use="optional" />
2565 <xs:attribute name="viewStateEncryptionMode" use="optional">
2566 <xs:simpleType>
2567 <xs:restriction base="xs:NMTOKEN">
2568 <xs:enumeration value="Always" />
2569 <xs:enumeration value="Auto" />
2570 <xs:enumeration value="Never" />
2571 </xs:restriction>
2572 </xs:simpleType>
2573 </xs:attribute>
2574 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2575 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2576 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2577 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2578 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2579 <xs:attribute name="configSource" type="xs:string" use="optional" />
2580 </xs:complexType>
2581 </xs:element>
2582 <xs:element name="processModel" vs:help="configuration/system.web/processModel">
2583 <xs:complexType>
2584 <xs:attribute name="autoConfig" type="small_boolean_Type" use="optional" />
2585 <xs:attribute name="clientConnectedCheck" type="xs:string" use="optional" />
2586 <xs:attribute name="comAuthenticationLevel" use="optional">
2587 <xs:simpleType>
2588 <xs:restriction base="xs:NMTOKEN">
2589 <xs:enumeration value="Call" />
2590 <xs:enumeration value="Connect" />
2591 <xs:enumeration value="Default" />
2592 <xs:enumeration value="None" />
2593 <xs:enumeration value="Pkt" />
2594 <xs:enumeration value="PktIntegrity" />
2595 <xs:enumeration value="PktPrivacy" />
2596 </xs:restriction>
2597 </xs:simpleType>
2598 </xs:attribute>
2599 <xs:attribute name="comImpersonationLevel" use="optional">
2600 <xs:simpleType>
2601 <xs:restriction base="xs:NMTOKEN">
2602 <xs:enumeration value="Anonymous" />
2603 <xs:enumeration value="Default" />
2604 <xs:enumeration value="Delegate" />
2605 <xs:enumeration value="Identify" />
2606 <xs:enumeration value="Impersonate" />
2607 </xs:restriction>
2608 </xs:simpleType>
2609 </xs:attribute>
2610 <xs:attribute name="cpuMask" type="xs:int" use="optional" />
2611 <xs:attribute name="enable" type="small_boolean_Type" use="optional" />
2612 <xs:attribute name="idleTimeout" type="xs:string" use="optional" />
2613 <xs:attribute name="logLevel" use="optional">
2614 <xs:simpleType>
2615 <xs:restriction base="xs:NMTOKEN">
2616 <xs:enumeration value="All" />
2617 <xs:enumeration value="Errors" />
2618 <xs:enumeration value="None" />
2619 </xs:restriction>
2620 </xs:simpleType>
2621 </xs:attribute>
2622 <xs:attribute name="maxAppDomains" use="optional">
2623 <xs:simpleType>
2624 <xs:restriction base="xs:int">
2625 <xs:minInclusive value="1" />
2626 <xs:maxInclusive value="2147483646" />
2627 </xs:restriction>
2628 </xs:simpleType>
2629 </xs:attribute>
2630 <xs:attribute name="maxIoThreads" use="optional">
2631 <xs:simpleType>
2632 <xs:restriction base="xs:int">
2633 <xs:minInclusive value="1" />
2634 <xs:maxInclusive value="2147483646" />
2635 </xs:restriction>
2636 </xs:simpleType>
2637 </xs:attribute>
2638 <xs:attribute name="maxWorkerThreads" use="optional">
2639 <xs:simpleType>
2640 <xs:restriction base="xs:int">
2641 <xs:minInclusive value="1" />
2642 <xs:maxInclusive value="2147483646" />
2643 </xs:restriction>
2644 </xs:simpleType>
2645 </xs:attribute>
2646 <xs:attribute name="memoryLimit" type="xs:int" use="optional" />
2647 <xs:attribute name="minIoThreads" use="optional">
2648 <xs:simpleType>
2649 <xs:restriction base="xs:int">
2650 <xs:minInclusive value="1" />
2651 <xs:maxInclusive value="2147483646" />
2652 </xs:restriction>
2653 </xs:simpleType>
2654 </xs:attribute>
2655 <xs:attribute name="minWorkerThreads" use="optional">
2656 <xs:simpleType>
2657 <xs:restriction base="xs:int">
2658 <xs:minInclusive value="1" />
2659 <xs:maxInclusive value="2147483646" />
2660 </xs:restriction>
2661 </xs:simpleType>
2662 </xs:attribute>
2663 <xs:attribute name="password" type="xs:string" use="optional" />
2664 <xs:attribute name="pingFrequency" type="xs:string" use="optional" />
2665 <xs:attribute name="pingTimeout" type="xs:string" use="optional" />
2666 <xs:attribute name="requestLimit" use="optional">
2667 <xs:simpleType>
2668 <xs:union memberTypes="xs:int Infinite">
2669 <xs:simpleType>
2670 <xs:restriction base="xs:int">
2671 <xs:minInclusive value="0" />
2672 </xs:restriction>
2673 </xs:simpleType>
2674 </xs:union>
2675 </xs:simpleType>
2676 </xs:attribute>
2677 <xs:attribute name="requestQueueLimit" use="optional">
2678 <xs:simpleType>
2679 <xs:union memberTypes="xs:int Infinite">
2680 <xs:simpleType>
2681 <xs:restriction base="xs:int">
2682 <xs:minInclusive value="0" />
2683 </xs:restriction>
2684 </xs:simpleType>
2685 </xs:union>
2686 </xs:simpleType>
2687 </xs:attribute>
2688 <xs:attribute name="responseDeadlockInterval" use="optional">
2689 <xs:simpleType>
2690 <xs:restriction base="xs:string">
2691 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
2692 </xs:restriction>
2693 </xs:simpleType>
2694 </xs:attribute>
2695 <xs:attribute name="responseRestartDeadlockInterval" type="xs:string" use="optional" />
2696 <xs:attribute name="restartQueueLimit" use="optional">
2697 <xs:simpleType>
2698 <xs:union memberTypes="xs:int Infinite">
2699 <xs:simpleType>
2700 <xs:restriction base="xs:int">
2701 <xs:minInclusive value="0" />
2702 </xs:restriction>
2703 </xs:simpleType>
2704 </xs:union>
2705 </xs:simpleType>
2706 </xs:attribute>
2707 <xs:attribute name="serverErrorMessageFile" type="xs:string" use="optional" />
2708 <xs:attribute name="shutdownTimeout" use="optional">
2709 <xs:simpleType>
2710 <xs:restriction base="xs:string">
2711 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
2712 </xs:restriction>
2713 </xs:simpleType>
2714 </xs:attribute>
2715 <xs:attribute name="timeout" type="xs:string" use="optional" />
2716 <xs:attribute name="userName" type="xs:string" use="optional" />
2717 <xs:attribute name="webGarden" type="small_boolean_Type" use="optional" />
2718 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2719 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2720 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2721 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2722 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2723 <xs:attribute name="configSource" type="xs:string" use="optional" />
2724 </xs:complexType>
2725 </xs:element>
2726 <xs:element name="profile" vs:help="configuration/system.web/profile">
2727 <xs:complexType>
2728 <xs:choice minOccurs="0" maxOccurs="unbounded">
2729 <xs:element name="properties" vs:help="configuration/system.web/profile/properties">
2730 <xs:complexType>
2731 <xs:choice minOccurs="0" maxOccurs="unbounded">
2732 <xs:element name="add" vs:help="configuration/system.web/profile/properties/add">
2733 <xs:complexType>
2734 <xs:attribute name="allowAnonymous" type="small_boolean_Type" use="optional" />
2735 <xs:attribute name="customProviderData" type="xs:string" use="optional" />
2736 <xs:attribute name="defaultValue" type="xs:string" use="optional" />
2737 <xs:attribute name="name" type="xs:string" use="required" />
2738 <xs:attribute name="provider" type="xs:string" use="optional" />
2739 <xs:attribute name="readOnly" type="small_boolean_Type" use="optional" />
2740 <xs:attribute name="serializeAs" use="optional">
2741 <xs:simpleType>
2742 <xs:restriction base="xs:NMTOKEN">
2743 <xs:enumeration value="Binary" />
2744 <xs:enumeration value="ProviderSpecific" />
2745 <xs:enumeration value="String" />
2746 <xs:enumeration value="Xml" />
2747 </xs:restriction>
2748 </xs:simpleType>
2749 </xs:attribute>
2750 <xs:attribute name="type" type="xs:string" use="optional" />
2751 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2752 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2753 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2754 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2755 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2756 </xs:complexType>
2757 </xs:element>
2758 <xs:element name="remove" vs:help="configuration/system.web/profile/properties/remove">
2759 <xs:complexType>
2760 <xs:attribute name="name" type="xs:string" use="required" />
2761 </xs:complexType>
2762 </xs:element>
2763 <xs:element name="clear" vs:help="configuration/system.web/profile/properties/clear">
2764 <xs:complexType>
2765 <!--tag is empty-->
2766 </xs:complexType>
2767 </xs:element>
2768 <xs:element name="group" vs:help="configuration/system.web/profile/properties/group/group">
2769 <xs:complexType>
2770 <xs:choice minOccurs="0" maxOccurs="unbounded">
2771 <xs:element name="add" vs:help="configuration/system.web/profile/properties/group/ProfileGroupSettings/add">
2772 <xs:complexType>
2773 <xs:attribute name="allowAnonymous" type="small_boolean_Type" use="optional" />
2774 <xs:attribute name="customProviderData" type="xs:string" use="optional" />
2775 <xs:attribute name="defaultValue" type="xs:string" use="optional" />
2776 <xs:attribute name="name" type="xs:string" use="required" />
2777 <xs:attribute name="provider" type="xs:string" use="optional" />
2778 <xs:attribute name="readOnly" type="small_boolean_Type" use="optional" />
2779 <xs:attribute name="serializeAs" use="optional">
2780 <xs:simpleType>
2781 <xs:restriction base="xs:NMTOKEN">
2782 <xs:enumeration value="Binary" />
2783 <xs:enumeration value="ProviderSpecific" />
2784 <xs:enumeration value="String" />
2785 <xs:enumeration value="Xml" />
2786 </xs:restriction>
2787 </xs:simpleType>
2788 </xs:attribute>
2789 <xs:attribute name="type" type="xs:string" use="optional" />
2790 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2791 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2792 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2793 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2794 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2795 </xs:complexType>
2796 </xs:element>
2797 <xs:element name="remove" vs:help="configuration/system.web/profile/properties/group/ProfileGroupSettings/remove">
2798 <xs:complexType>
2799 <xs:attribute name="name" type="xs:string" use="required" />
2800 </xs:complexType>
2801 </xs:element>
2802 <xs:element name="clear" vs:help="configuration/system.web/profile/properties/group/ProfileGroupSettings/clear">
2803 <xs:complexType>
2804 <!--tag is empty-->
2805 </xs:complexType>
2806 </xs:element>
2807 </xs:choice>
2808 <xs:attribute name="name" type="xs:string" use="required" />
2809 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2810 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2811 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2812 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2813 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2814 </xs:complexType>
2815 </xs:element>
2816 </xs:choice>
2817 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2818 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2819 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2820 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2821 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2822 </xs:complexType>
2823 </xs:element>
2824 <xs:element name="providers" vs:help="configuration/system.web/profile/providers">
2825 <xs:complexType>
2826 <xs:choice minOccurs="0" maxOccurs="unbounded">
2827 <xs:element name="add" vs:help="configuration/system.web/profile/providers/add">
2828 <xs:complexType>
2829 <xs:attribute name="name" type="xs:string" use="required" />
2830 <xs:attribute name="type" type="xs:string" use="required" />
2831 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2832 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2833 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2834 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2835 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2836 <xs:anyAttribute processContents="skip" />
2837 </xs:complexType>
2838 </xs:element>
2839 <xs:element name="remove" vs:help="configuration/system.web/profile/providers/remove">
2840 <xs:complexType>
2841 <xs:attribute name="name" type="xs:string" use="required" />
2842 </xs:complexType>
2843 </xs:element>
2844 <xs:element name="clear" vs:help="configuration/system.web/profile/providers/clear">
2845 <xs:complexType>
2846 <!--tag is empty-->
2847 </xs:complexType>
2848 </xs:element>
2849 </xs:choice>
2850 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2851 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2852 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2853 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2854 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2855 </xs:complexType>
2856 </xs:element>
2857 </xs:choice>
2858 <xs:attribute name="automaticSaveEnabled" type="small_boolean_Type" use="optional" />
2859 <xs:attribute name="defaultProvider" use="optional">
2860 <xs:simpleType>
2861 <xs:restriction base="xs:string">
2862 <xs:minLength value="1" />
2863 </xs:restriction>
2864 </xs:simpleType>
2865 </xs:attribute>
2866 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
2867 <xs:attribute name="inherits" type="xs:string" use="optional" />
2868 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2869 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2870 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2871 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2872 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2873 <xs:attribute name="configSource" type="xs:string" use="optional" />
2874 </xs:complexType>
2875 </xs:element>
2876 <xs:element name="roleManager" vs:help="configuration/system.web/roleManager">
2877 <xs:complexType>
2878 <xs:choice minOccurs="0" maxOccurs="unbounded">
2879 <xs:element name="providers" vs:help="configuration/system.web/roleManager/providers">
2880 <xs:complexType>
2881 <xs:choice minOccurs="0" maxOccurs="unbounded">
2882 <xs:element name="add" vs:help="configuration/system.web/roleManager/providers/add">
2883 <xs:complexType>
2884 <xs:attribute name="name" type="xs:string" use="required" />
2885 <xs:attribute name="type" type="xs:string" use="required" />
2886 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2887 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2888 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2889 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2890 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2891 <xs:anyAttribute processContents="skip" />
2892 </xs:complexType>
2893 </xs:element>
2894 <xs:element name="remove" vs:help="configuration/system.web/roleManager/providers/remove">
2895 <xs:complexType>
2896 <xs:attribute name="name" type="xs:string" use="required" />
2897 </xs:complexType>
2898 </xs:element>
2899 <xs:element name="clear" vs:help="configuration/system.web/roleManager/providers/clear">
2900 <xs:complexType>
2901 <!--tag is empty-->
2902 </xs:complexType>
2903 </xs:element>
2904 </xs:choice>
2905 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2906 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2907 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2908 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2909 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2910 </xs:complexType>
2911 </xs:element>
2912 </xs:choice>
2913 <xs:attribute name="cacheRolesInCookie" type="small_boolean_Type" use="optional" />
2914 <xs:attribute name="cookieName" use="optional">
2915 <xs:simpleType>
2916 <xs:restriction base="xs:string">
2917 <xs:minLength value="1" />
2918 <xs:whiteSpace value="collapse" />
2919 </xs:restriction>
2920 </xs:simpleType>
2921 </xs:attribute>
2922 <xs:attribute name="cookiePath" use="optional">
2923 <xs:simpleType>
2924 <xs:restriction base="xs:string">
2925 <xs:minLength value="1" />
2926 <xs:whiteSpace value="collapse" />
2927 </xs:restriction>
2928 </xs:simpleType>
2929 </xs:attribute>
2930 <xs:attribute name="cookieProtection" use="optional">
2931 <xs:simpleType>
2932 <xs:restriction base="xs:NMTOKEN">
2933 <xs:enumeration value="All" />
2934 <xs:enumeration value="Encryption" />
2935 <xs:enumeration value="None" />
2936 <xs:enumeration value="Validation" />
2937 </xs:restriction>
2938 </xs:simpleType>
2939 </xs:attribute>
2940 <xs:attribute name="cookieRequireSSL" type="small_boolean_Type" use="optional" />
2941 <xs:attribute name="cookieSlidingExpiration" type="small_boolean_Type" use="optional" />
2942 <xs:attribute name="cookieTimeout" use="optional">
2943 <xs:simpleType>
2944 <xs:restriction base="xs:string">
2945 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
2946 </xs:restriction>
2947 </xs:simpleType>
2948 </xs:attribute>
2949 <xs:attribute name="createPersistentCookie" type="small_boolean_Type" use="optional" />
2950 <xs:attribute name="defaultProvider" use="optional">
2951 <xs:simpleType>
2952 <xs:restriction base="xs:string">
2953 <xs:minLength value="1" />
2954 <xs:whiteSpace value="collapse" />
2955 </xs:restriction>
2956 </xs:simpleType>
2957 </xs:attribute>
2958 <xs:attribute name="domain" type="xs:string" use="optional" />
2959 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
2960 <xs:attribute name="maxCachedResults" type="xs:int" use="optional" />
2961 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2962 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2963 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2964 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2965 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2966 <xs:attribute name="configSource" type="xs:string" use="optional" />
2967 </xs:complexType>
2968 </xs:element>
2969 <xs:element name="securityPolicy" vs:help="configuration/system.web/securityPolicy">
2970 <xs:complexType>
2971 <xs:choice minOccurs="0" maxOccurs="unbounded">
2972 <xs:element name="trustLevel" vs:help="configuration/system.web/securityPolicy/trustLevel">
2973 <xs:complexType>
2974 <xs:attribute name="name" use="required">
2975 <xs:simpleType>
2976 <xs:restriction base="xs:string">
2977 <xs:minLength value="1" />
2978 </xs:restriction>
2979 </xs:simpleType>
2980 </xs:attribute>
2981 <xs:attribute name="policyFile" type="xs:string" use="required" />
2982 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2983 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2984 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2985 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2986 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2987 </xs:complexType>
2988 </xs:element>
2989 </xs:choice>
2990 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
2991 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
2992 <xs:attribute name="lockElements" type="xs:string" use="optional" />
2993 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
2994 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
2995 <xs:attribute name="configSource" type="xs:string" use="optional" />
2996 </xs:complexType>
2997 </xs:element>
2998 <xs:element name="sessionPageState" vs:help="configuration/system.web/sessionPageState">
2999 <xs:complexType>
3000 <xs:attribute name="historySize" use="optional">
3001 <xs:simpleType>
3002 <xs:restriction base="xs:int">
3003 <xs:minInclusive value="1" />
3004 </xs:restriction>
3005 </xs:simpleType>
3006 </xs:attribute>
3007 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3008 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3009 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3010 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3011 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3012 <xs:attribute name="configSource" type="xs:string" use="optional" />
3013 </xs:complexType>
3014 </xs:element>
3015 <xs:element name="sessionState" vs:help="configuration/system.web/sessionState">
3016 <xs:complexType>
3017 <xs:choice minOccurs="0" maxOccurs="unbounded">
3018 <xs:element name="providers" vs:help="configuration/system.web/sessionState/providers">
3019 <xs:complexType>
3020 <xs:choice minOccurs="0" maxOccurs="unbounded">
3021 <xs:element name="add" vs:help="configuration/system.web/sessionState/providers/add">
3022 <xs:complexType>
3023 <xs:attribute name="name" type="xs:string" use="required" />
3024 <xs:attribute name="type" type="xs:string" use="required" />
3025 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3026 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3027 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3028 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3029 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3030 </xs:complexType>
3031 </xs:element>
3032 <xs:element name="remove" vs:help="configuration/system.web/sessionState/providers/remove">
3033 <xs:complexType>
3034 <xs:attribute name="name" type="xs:string" use="required" />
3035 </xs:complexType>
3036 </xs:element>
3037 <xs:element name="clear" vs:help="configuration/system.web/sessionState/providers/clear">
3038 <xs:complexType>
3039 <!--tag is empty-->
3040 </xs:complexType>
3041 </xs:element>
3042 </xs:choice>
3043 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3044 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3045 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3046 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3047 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3048 </xs:complexType>
3049 </xs:element>
3050 </xs:choice>
3051 <xs:attribute name="allowCustomSqlDatabase" type="small_boolean_Type" use="optional" />
3052 <xs:attribute name="cookieless" use="optional">
3053 <xs:simpleType>
3054 <xs:restriction base="xs:NMTOKEN">
3055 <xs:enumeration value="AutoDetect" />
3056 <xs:enumeration value="UseCookies" />
3057 <xs:enumeration value="UseDeviceProfile" />
3058 <xs:enumeration value="UseUri" />
3059 <xs:enumeration value="true" />
3060 <xs:enumeration value="false" />
3061 </xs:restriction>
3062 </xs:simpleType>
3063 </xs:attribute>
3064 <xs:attribute name="cookieName" type="xs:string" use="optional" />
3065 <xs:attribute name="customProvider" type="xs:string" use="optional" />
3066 <xs:attribute name="mode" use="optional">
3067 <xs:simpleType>
3068 <xs:restriction base="xs:NMTOKEN">
3069 <xs:enumeration value="Custom" />
3070 <xs:enumeration value="InProc" />
3071 <xs:enumeration value="Off" />
3072 <xs:enumeration value="SQLServer" />
3073 <xs:enumeration value="StateServer" />
3074 </xs:restriction>
3075 </xs:simpleType>
3076 </xs:attribute>
3077 <xs:attribute name="partitionResolverType" type="xs:string" use="optional" />
3078 <xs:attribute name="regenerateExpiredSessionId" type="small_boolean_Type" use="optional" />
3079 <xs:attribute name="sessionIDManagerType" type="xs:string" use="optional" />
3080 <xs:attribute name="sqlCommandTimeout" type="xs:string" use="optional" />
3081 <xs:attribute name="sqlConnectionString" type="xs:string" use="optional" />
3082 <xs:attribute name="stateConnectionString" type="xs:string" use="optional" />
3083 <xs:attribute name="stateNetworkTimeout" type="xs:string" use="optional" />
3084 <xs:attribute name="timeout" use="optional">
3085 <xs:simpleType>
3086 <xs:restriction base="xs:string">
3087 <xs:pattern value="([0-9.]+:){0,1}([0-9]+:){0,1}[0-9.]+" />
3088 </xs:restriction>
3089 </xs:simpleType>
3090 </xs:attribute>
3091 <xs:attribute name="useHostingIdentity" type="small_boolean_Type" use="optional" />
3092 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3093 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3094 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3095 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3096 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3097 <xs:attribute name="configSource" type="xs:string" use="optional" />
3098 </xs:complexType>
3099 </xs:element>
3100 <xs:element name="siteMap" vs:help="configuration/system.web/siteMap">
3101 <xs:complexType>
3102 <xs:choice minOccurs="0" maxOccurs="unbounded">
3103 <xs:element name="providers" vs:help="configuration/system.web/siteMap/providers">
3104 <xs:complexType>
3105 <xs:choice minOccurs="0" maxOccurs="unbounded">
3106 <xs:element name="add" vs:help="configuration/system.web/siteMap/providers/add">
3107 <xs:complexType>
3108 <xs:attribute name="name" type="xs:string" use="required" />
3109 <xs:attribute name="type" type="xs:string" use="required" />
3110 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3111 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3112 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3113 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3114 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3115 <xs:anyAttribute processContents="skip" />
3116 </xs:complexType>
3117 </xs:element>
3118 <xs:element name="remove" vs:help="configuration/system.web/siteMap/providers/remove">
3119 <xs:complexType>
3120 <xs:attribute name="name" type="xs:string" use="required" />
3121 </xs:complexType>
3122 </xs:element>
3123 <xs:element name="clear" vs:help="configuration/system.web/siteMap/providers/clear">
3124 <xs:complexType>
3125 <!--tag is empty-->
3126 </xs:complexType>
3127 </xs:element>
3128 </xs:choice>
3129 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3130 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3131 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3132 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3133 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3134 </xs:complexType>
3135 </xs:element>
3136 </xs:choice>
3137 <xs:attribute name="defaultProvider" use="optional">
3138 <xs:simpleType>
3139 <xs:restriction base="xs:string">
3140 <xs:minLength value="1" />
3141 </xs:restriction>
3142 </xs:simpleType>
3143 </xs:attribute>
3144 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
3145 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3146 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3147 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3148 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3149 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3150 <xs:attribute name="configSource" type="xs:string" use="optional" />
3151 </xs:complexType>
3152 </xs:element>
3153 <xs:element name="trace" vs:help="configuration/system.web/trace">
3154 <xs:complexType>
3155 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
3156 <xs:attribute name="localOnly" type="small_boolean_Type" use="optional" />
3157 <xs:attribute name="mostRecent" type="small_boolean_Type" use="optional" />
3158 <xs:attribute name="pageOutput" type="small_boolean_Type" use="optional" />
3159 <xs:attribute name="requestLimit" use="optional">
3160 <xs:simpleType>
3161 <xs:restriction base="xs:int">
3162 <xs:minInclusive value="0" />
3163 </xs:restriction>
3164 </xs:simpleType>
3165 </xs:attribute>
3166 <xs:attribute name="traceMode" use="optional">
3167 <xs:simpleType>
3168 <xs:restriction base="xs:NMTOKEN">
3169 <xs:enumeration value="SortByCategory" />
3170 <xs:enumeration value="SortByTime" />
3171 </xs:restriction>
3172 </xs:simpleType>
3173 </xs:attribute>
3174 <xs:attribute name="writeToDiagnosticsTrace" type="small_boolean_Type" use="optional" />
3175 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3176 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3177 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3178 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3179 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3180 <xs:attribute name="configSource" type="xs:string" use="optional" />
3181 </xs:complexType>
3182 </xs:element>
3183 <xs:element name="trust" vs:help="configuration/system.web/trust">
3184 <xs:complexType>
3185 <xs:attribute name="level" use="required">
3186 <xs:simpleType>
3187 <xs:restriction base="xs:string">
3188 <xs:minLength value="1" />
3189 </xs:restriction>
3190 </xs:simpleType>
3191 </xs:attribute>
3192 <xs:attribute name="originUrl" type="xs:string" use="optional" />
3193 <xs:attribute name="processRequestInApplicationTrust" type="small_boolean_Type" use="optional" />
3194 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3195 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3196 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3197 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3198 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3199 <xs:attribute name="configSource" type="xs:string" use="optional" />
3200 </xs:complexType>
3201 </xs:element>
3202 <xs:element name="urlMappings" vs:help="configuration/system.web/urlMappings">
3203 <xs:complexType>
3204 <xs:choice minOccurs="0" maxOccurs="unbounded">
3205 <xs:element name="add" vs:help="configuration/system.web/urlMappings/add">
3206 <xs:complexType>
3207 <xs:attribute name="mappedUrl" type="xs:string" use="required" />
3208 <xs:attribute name="url" type="xs:string" use="required" />
3209 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3210 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3211 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3212 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3213 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3214 </xs:complexType>
3215 </xs:element>
3216 <xs:element name="remove" vs:help="configuration/system.web/urlMappings/remove">
3217 <xs:complexType>
3218 <xs:attribute name="url" type="xs:string" use="required" />
3219 </xs:complexType>
3220 </xs:element>
3221 <xs:element name="clear" vs:help="configuration/system.web/urlMappings/clear">
3222 <xs:complexType>
3223 <!--tag is empty-->
3224 </xs:complexType>
3225 </xs:element>
3226 </xs:choice>
3227 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
3228 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3229 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3230 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3231 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3232 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3233 <xs:attribute name="configSource" type="xs:string" use="optional" />
3234 </xs:complexType>
3235 </xs:element>
3236 <xs:element name="webControls" vs:help="configuration/system.web/webControls">
3237 <xs:complexType>
3238 <xs:attribute name="clientScriptsLocation" use="required">
3239 <xs:simpleType>
3240 <xs:restriction base="xs:string">
3241 <xs:minLength value="1" />
3242 </xs:restriction>
3243 </xs:simpleType>
3244 </xs:attribute>
3245 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3246 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3247 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3248 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3249 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3250 <xs:attribute name="configSource" type="xs:string" use="optional" />
3251 </xs:complexType>
3252 </xs:element>
3253 <xs:element name="webParts" vs:help="configuration/system.web/webParts">
3254 <xs:complexType>
3255 <xs:choice minOccurs="0" maxOccurs="unbounded">
3256 <xs:element name="personalization" vs:help="configuration/system.web/webParts/personalization">
3257 <xs:complexType>
3258 <xs:choice minOccurs="0" maxOccurs="unbounded">
3259 <xs:element name="authorization" vs:help="configuration/system.web/webParts/personalization/authorization">
3260 <xs:complexType>
3261 <xs:choice minOccurs="0" maxOccurs="unbounded">
3262 <xs:element name="allow" vs:help="configuration/system.web/webParts/personalization/authorization/allow">
3263 <xs:complexType>
3264 <xs:attribute name="roles" type="xs:string" use="optional" />
3265 <xs:attribute name="users" type="xs:string" use="optional" />
3266 <xs:attribute name="verbs" type="xs:string" use="optional" />
3267 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3268 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3269 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3270 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3271 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3272 </xs:complexType>
3273 </xs:element>
3274 <xs:element name="deny" vs:help="configuration/system.web/webParts/personalization/authorization/deny">
3275 <xs:complexType>
3276 <xs:attribute name="roles" type="xs:string" use="optional" />
3277 <xs:attribute name="users" type="xs:string" use="optional" />
3278 <xs:attribute name="verbs" type="xs:string" use="optional" />
3279 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3280 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3281 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3282 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3283 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3284 </xs:complexType>
3285 </xs:element>
3286 </xs:choice>
3287 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3288 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3289 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3290 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3291 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3292 </xs:complexType>
3293 </xs:element>
3294 <xs:element name="providers" vs:help="configuration/system.web/webParts/personalization/providers">
3295 <xs:complexType>
3296 <xs:choice minOccurs="0" maxOccurs="unbounded">
3297 <xs:element name="add" vs:help="configuration/system.web/webParts/personalization/providers/add">
3298 <xs:complexType>
3299 <xs:attribute name="name" type="xs:string" use="required" />
3300 <xs:attribute name="type" type="xs:string" use="required" />
3301 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3302 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3303 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3304 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3305 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3306 <xs:anyAttribute processContents="skip" />
3307 </xs:complexType>
3308 </xs:element>
3309 <xs:element name="remove" vs:help="configuration/system.web/webParts/personalization/providers/remove">
3310 <xs:complexType>
3311 <xs:attribute name="name" type="xs:string" use="required" />
3312 </xs:complexType>
3313 </xs:element>
3314 <xs:element name="clear" vs:help="configuration/system.web/webParts/personalization/providers/clear">
3315 <xs:complexType>
3316 <!--tag is empty-->
3317 </xs:complexType>
3318 </xs:element>
3319 </xs:choice>
3320 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3321 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3322 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3323 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3324 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3325 </xs:complexType>
3326 </xs:element>
3327 </xs:choice>
3328 <xs:attribute name="defaultProvider" use="optional">
3329 <xs:simpleType>
3330 <xs:restriction base="xs:string">
3331 <xs:minLength value="1" />
3332 </xs:restriction>
3333 </xs:simpleType>
3334 </xs:attribute>
3335 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3336 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3337 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3338 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3339 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3340 </xs:complexType>
3341 </xs:element>
3342 <xs:element name="transformers" vs:help="configuration/system.web/webParts/transformers">
3343 <xs:complexType>
3344 <xs:choice minOccurs="0" maxOccurs="unbounded">
3345 <xs:element name="add" vs:help="configuration/system.web/webParts/transformers/add">
3346 <xs:complexType>
3347 <xs:anyAttribute processContents="skip" />
3348 </xs:complexType>
3349 </xs:element>
3350 <xs:element name="remove" vs:help="configuration/system.web/webParts/transformers/remove">
3351 <xs:complexType>
3352 <xs:attribute name="name" use="required">
3353 <xs:simpleType>
3354 <xs:restriction base="xs:string">
3355 <xs:minLength value="1" />
3356 </xs:restriction>
3357 </xs:simpleType>
3358 </xs:attribute>
3359 </xs:complexType>
3360 </xs:element>
3361 <xs:element name="clear" vs:help="configuration/system.web/webParts/transformers/clear">
3362 <xs:complexType>
3363 <!--tag is empty-->
3364 </xs:complexType>
3365 </xs:element>
3366 </xs:choice>
3367 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3368 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3369 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3370 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3371 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3372 </xs:complexType>
3373 </xs:element>
3374 </xs:choice>
3375 <xs:attribute name="enableExport" type="small_boolean_Type" use="optional" />
3376 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3377 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3378 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3379 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3380 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3381 <xs:attribute name="configSource" type="xs:string" use="optional" />
3382 </xs:complexType>
3383 </xs:element>
3384 <xs:element name="webServices" vs:help="configuration/system.web/webServices">
3385 <xs:complexType>
3386 <xs:choice minOccurs="0" maxOccurs="unbounded">
3387 <xs:element name="conformanceWarnings" vs:help="configuration/system.web/webServices/conformanceWarnings">
3388 <xs:complexType>
3389 <xs:choice minOccurs="0" maxOccurs="unbounded">
3390 <xs:element name="add" vs:help="configuration/system.web/webServices/conformanceWarnings/add">
3391 <xs:complexType>
3392 <xs:attribute name="name" use="optional">
3393 <xs:simpleType>
3394 <xs:union>
3395 <xs:simpleType>
3396 <xs:restriction base="xs:NMTOKEN">
3397 <xs:enumeration value="BasicProfile1_1" />
3398 <xs:enumeration value="None" />
3399 </xs:restriction>
3400 </xs:simpleType>
3401 <xs:simpleType>
3402 <xs:restriction base="xs:string" />
3403 </xs:simpleType>
3404 </xs:union>
3405 </xs:simpleType>
3406 </xs:attribute>
3407 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3408 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3409 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3410 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3411 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3412 </xs:complexType>
3413 </xs:element>
3414 <xs:element name="remove" vs:help="configuration/system.web/webServices/conformanceWarnings/remove">
3415 <xs:complexType>
3416 <xs:attribute name="name" use="optional">
3417 <xs:simpleType>
3418 <xs:union>
3419 <xs:simpleType>
3420 <xs:restriction base="xs:NMTOKEN">
3421 <xs:enumeration value="BasicProfile1_1" />
3422 <xs:enumeration value="None" />
3423 </xs:restriction>
3424 </xs:simpleType>
3425 <xs:simpleType>
3426 <xs:restriction base="xs:string" />
3427 </xs:simpleType>
3428 </xs:union>
3429 </xs:simpleType>
3430 </xs:attribute>
3431 </xs:complexType>
3432 </xs:element>
3433 <xs:element name="clear" vs:help="configuration/system.web/webServices/conformanceWarnings/clear">
3434 <xs:complexType>
3435 <!--tag is empty-->
3436 </xs:complexType>
3437 </xs:element>
3438 </xs:choice>
3439 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3440 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3441 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3442 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3443 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3444 </xs:complexType>
3445 </xs:element>
3446 <xs:element name="diagnostics" vs:help="configuration/system.web/webServices/diagnostics">
3447 <xs:complexType>
3448 <xs:attribute name="suppressReturningExceptions" type="small_boolean_Type" use="optional" />
3449 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3450 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3451 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3452 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3453 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3454 </xs:complexType>
3455 </xs:element>
3456 <xs:element name="protocols" vs:help="configuration/system.web/webServices/protocols">
3457 <xs:complexType>
3458 <xs:choice minOccurs="0" maxOccurs="unbounded">
3459 <xs:element name="add" vs:help="configuration/system.web/webServices/protocols/add">
3460 <xs:complexType>
3461 <xs:attribute name="name" use="optional">
3462 <xs:simpleType>
3463 <xs:union>
3464 <xs:simpleType>
3465 <xs:restriction base="xs:NMTOKEN">
3466 <xs:enumeration value="AnyHttpSoap" />
3467 <xs:enumeration value="Documentation" />
3468 <xs:enumeration value="HttpGet" />
3469 <xs:enumeration value="HttpPost" />
3470 <xs:enumeration value="HttpPostLocalhost" />
3471 <xs:enumeration value="HttpSoap" />
3472 <xs:enumeration value="HttpSoap12" />
3473 <xs:enumeration value="Unknown" />
3474 </xs:restriction>
3475 </xs:simpleType>
3476 <xs:simpleType>
3477 <xs:restriction base="xs:string" />
3478 </xs:simpleType>
3479 </xs:union>
3480 </xs:simpleType>
3481 </xs:attribute>
3482 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3483 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3484 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3485 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3486 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3487 </xs:complexType>
3488 </xs:element>
3489 <xs:element name="remove" vs:help="configuration/system.web/webServices/protocols/remove">
3490 <xs:complexType>
3491 <xs:attribute name="name" use="optional">
3492 <xs:simpleType>
3493 <xs:union>
3494 <xs:simpleType>
3495 <xs:restriction base="xs:NMTOKEN">
3496 <xs:enumeration value="AnyHttpSoap" />
3497 <xs:enumeration value="Documentation" />
3498 <xs:enumeration value="HttpGet" />
3499 <xs:enumeration value="HttpPost" />
3500 <xs:enumeration value="HttpPostLocalhost" />
3501 <xs:enumeration value="HttpSoap" />
3502 <xs:enumeration value="HttpSoap12" />
3503 <xs:enumeration value="Unknown" />
3504 </xs:restriction>
3505 </xs:simpleType>
3506 <xs:simpleType>
3507 <xs:restriction base="xs:string" />
3508 </xs:simpleType>
3509 </xs:union>
3510 </xs:simpleType>
3511 </xs:attribute>
3512 </xs:complexType>
3513 </xs:element>
3514 <xs:element name="clear" vs:help="configuration/system.web/webServices/protocols/clear">
3515 <xs:complexType>
3516 <!--tag is empty-->
3517 </xs:complexType>
3518 </xs:element>
3519 </xs:choice>
3520 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3521 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3522 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3523 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3524 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3525 </xs:complexType>
3526 </xs:element>
3527 <xs:element name="serviceDescriptionFormatExtensionTypes" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes">
3528 <xs:complexType>
3529 <xs:choice minOccurs="0" maxOccurs="unbounded">
3530 <xs:element name="add" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes/add">
3531 <xs:complexType>
3532 <xs:attribute name="type" type="xs:string" use="optional" />
3533 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3534 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3535 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3536 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3537 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3538 </xs:complexType>
3539 </xs:element>
3540 <xs:element name="remove" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes/remove">
3541 <xs:complexType>
3542 <xs:attribute name="type" type="xs:string" use="optional" />
3543 </xs:complexType>
3544 </xs:element>
3545 <xs:element name="clear" vs:help="configuration/system.web/webServices/serviceDescriptionFormatExtensionTypes/clear">
3546 <xs:complexType>
3547 <!--tag is empty-->
3548 </xs:complexType>
3549 </xs:element>
3550 </xs:choice>
3551 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3552 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3553 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3554 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3555 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3556 </xs:complexType>
3557 </xs:element>
3558 <xs:element name="soapEnvelopeProcessing" vs:help="configuration/system.web/webServices/soapEnvelopeProcessing">
3559 <xs:complexType>
3560 <xs:attribute name="strict" type="small_boolean_Type" use="optional" />
3561 <xs:attribute name="readTimeout" use="optional">
3562 <xs:simpleType>
3563 <xs:union memberTypes="xs:int Infinite">
3564 <xs:simpleType>
3565 <xs:restriction base="xs:int" />
3566 </xs:simpleType>
3567 </xs:union>
3568 </xs:simpleType>
3569 </xs:attribute>
3570 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3571 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3572 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3573 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3574 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3575 </xs:complexType>
3576 </xs:element>
3577 <xs:element name="soapExtensionImporterTypes" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes">
3578 <xs:complexType>
3579 <xs:choice minOccurs="0" maxOccurs="unbounded">
3580 <xs:element name="add" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes/add">
3581 <xs:complexType>
3582 <xs:attribute name="type" type="xs:string" use="optional" />
3583 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3584 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3585 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3586 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3587 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3588 </xs:complexType>
3589 </xs:element>
3590 <xs:element name="remove" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes/remove">
3591 <xs:complexType>
3592 <xs:attribute name="type" type="xs:string" use="optional" />
3593 </xs:complexType>
3594 </xs:element>
3595 <xs:element name="clear" vs:help="configuration/system.web/webServices/soapExtensionImporterTypes/clear">
3596 <xs:complexType>
3597 <!--tag is empty-->
3598 </xs:complexType>
3599 </xs:element>
3600 </xs:choice>
3601 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3602 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3603 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3604 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3605 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3606 </xs:complexType>
3607 </xs:element>
3608 <xs:element name="soapExtensionReflectorTypes" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes">
3609 <xs:complexType>
3610 <xs:choice minOccurs="0" maxOccurs="unbounded">
3611 <xs:element name="add" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes/add">
3612 <xs:complexType>
3613 <xs:attribute name="type" type="xs:string" use="optional" />
3614 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3615 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3616 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3617 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3618 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3619 </xs:complexType>
3620 </xs:element>
3621 <xs:element name="remove" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes/remove">
3622 <xs:complexType>
3623 <xs:attribute name="type" type="xs:string" use="optional" />
3624 </xs:complexType>
3625 </xs:element>
3626 <xs:element name="clear" vs:help="configuration/system.web/webServices/soapExtensionReflectorTypes/clear">
3627 <xs:complexType>
3628 <!--tag is empty-->
3629 </xs:complexType>
3630 </xs:element>
3631 </xs:choice>
3632 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3633 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3634 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3635 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3636 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3637 </xs:complexType>
3638 </xs:element>
3639 <xs:element name="soapExtensionTypes" vs:help="configuration/system.web/webServices/soapExtensionTypes">
3640 <xs:complexType>
3641 <xs:choice minOccurs="0" maxOccurs="unbounded">
3642 <xs:element name="add" vs:help="configuration/system.web/webServices/soapExtensionTypes/add">
3643 <xs:complexType>
3644 <xs:attribute name="group" use="optional">
3645 <xs:simpleType>
3646 <xs:restriction base="xs:NMTOKEN">
3647 <xs:enumeration value="High" />
3648 <xs:enumeration value="Low" />
3649 </xs:restriction>
3650 </xs:simpleType>
3651 </xs:attribute>
3652 <xs:attribute name="priority" use="optional">
3653 <xs:simpleType>
3654 <xs:restriction base="xs:int">
3655 <xs:minInclusive value="0" />
3656 </xs:restriction>
3657 </xs:simpleType>
3658 </xs:attribute>
3659 <xs:attribute name="type" type="xs:string" use="optional" />
3660 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3661 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3662 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3663 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3664 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3665 </xs:complexType>
3666 </xs:element>
3667 <xs:element name="remove" vs:help="configuration/system.web/webServices/soapExtensionTypes/remove">
3668 <xs:complexType>
3669 <xs:attribute name="group" use="optional">
3670 <xs:simpleType>
3671 <xs:restriction base="xs:NMTOKEN">
3672 <xs:enumeration value="High" />
3673 <xs:enumeration value="Low" />
3674 </xs:restriction>
3675 </xs:simpleType>
3676 </xs:attribute>
3677 <xs:attribute name="priority" use="optional">
3678 <xs:simpleType>
3679 <xs:restriction base="xs:int">
3680 <xs:minInclusive value="0" />
3681 </xs:restriction>
3682 </xs:simpleType>
3683 </xs:attribute>
3684 <xs:attribute name="type" type="xs:string" use="optional" />
3685 </xs:complexType>
3686 </xs:element>
3687 <xs:element name="clear" vs:help="configuration/system.web/webServices/soapExtensionTypes/clear">
3688 <xs:complexType>
3689 <!--tag is empty-->
3690 </xs:complexType>
3691 </xs:element>
3692 </xs:choice>
3693 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3694 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3695 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3696 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3697 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3698 </xs:complexType>
3699 </xs:element>
3700 <xs:element name="soapServerProtocolFactory" vs:help="configuration/system.web/webServices/soapServerProtocolFactory">
3701 <xs:complexType>
3702 <xs:attribute name="type" type="xs:string" use="optional" />
3703 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3704 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3705 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3706 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3707 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3708 </xs:complexType>
3709 </xs:element>
3710 <xs:element name="soapTransportImporterTypes" vs:help="configuration/system.web/webServices/soapTransportImporterTypes">
3711 <xs:complexType>
3712 <xs:choice minOccurs="0" maxOccurs="unbounded">
3713 <xs:element name="add" vs:help="configuration/system.web/webServices/soapTransportImporterTypes/add">
3714 <xs:complexType>
3715 <xs:attribute name="type" type="xs:string" use="optional" />
3716 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3717 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3718 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3719 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3720 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3721 </xs:complexType>
3722 </xs:element>
3723 <xs:element name="remove" vs:help="configuration/system.web/webServices/soapTransportImporterTypes/remove">
3724 <xs:complexType>
3725 <xs:attribute name="type" type="xs:string" use="optional" />
3726 </xs:complexType>
3727 </xs:element>
3728 <xs:element name="clear" vs:help="configuration/system.web/webServices/soapTransportImporterTypes/clear">
3729 <xs:complexType>
3730 <!--tag is empty-->
3731 </xs:complexType>
3732 </xs:element>
3733 </xs:choice>
3734 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3735 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3736 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3737 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3738 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3739 </xs:complexType>
3740 </xs:element>
3741 <xs:element name="wsdlHelpGenerator" vs:help="configuration/system.web/webServices/wsdlHelpGenerator">
3742 <xs:complexType>
3743 <xs:attribute name="href" type="xs:string" use="required" />
3744 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3745 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3746 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3747 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3748 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3749 </xs:complexType>
3750 </xs:element>
3751 </xs:choice>
3752 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3753 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3754 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3755 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3756 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3757 <xs:attribute name="configSource" type="xs:string" use="optional" />
3758 </xs:complexType>
3759 </xs:element>
3760 <xs:element name="xhtmlConformance" vs:help="configuration/system.web/xhtmlConformance">
3761 <xs:complexType>
3762 <xs:attribute name="mode" use="optional">
3763 <xs:simpleType>
3764 <xs:restriction base="xs:NMTOKEN">
3765 <xs:enumeration value="Legacy" />
3766 <xs:enumeration value="Strict" />
3767 <xs:enumeration value="Transitional" />
3768 </xs:restriction>
3769 </xs:simpleType>
3770 </xs:attribute>
3771 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3772 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3773 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3774 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3775 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3776 <xs:attribute name="configSource" type="xs:string" use="optional" />
3777 </xs:complexType>
3778 </xs:element>
3779 <xs:element name="caching" vs:help="configuration/system.web/caching">
3780 <xs:complexType>
3781 <xs:choice minOccurs="0" maxOccurs="unbounded">
3782 <xs:element name="cache" vs:help="configuration/system.web/caching/cache">
3783 <xs:complexType>
3784 <xs:attribute name="disableExpiration" type="small_boolean_Type" use="optional" />
3785 <xs:attribute name="disableMemoryCollection" type="small_boolean_Type" use="optional" />
3786 <xs:attribute name="percentagePhysicalMemoryUsedLimit" use="optional">
3787 <xs:simpleType>
3788 <xs:restriction base="xs:int">
3789 <xs:minInclusive value="0" />
3790 </xs:restriction>
3791 </xs:simpleType>
3792 </xs:attribute>
3793 <xs:attribute name="privateBytesLimit" type="xs:int" use="optional" />
3794 <xs:attribute name="privateBytesPollTime" type="xs:string" use="optional" />
3795 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3796 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3797 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3798 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3799 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3800 <xs:attribute name="configSource" type="xs:string" use="optional" />
3801 </xs:complexType>
3802 </xs:element>
3803 <xs:element name="outputCache" vs:help="configuration/system.web/caching/outputCache">
3804 <xs:complexType>
3805 <xs:attribute name="enableFragmentCache" type="small_boolean_Type" use="optional" />
3806 <xs:attribute name="enableOutputCache" type="small_boolean_Type" use="optional" />
3807 <xs:attribute name="omitVaryStar" type="small_boolean_Type" use="optional" />
3808 <xs:attribute name="sendCacheControlHeader" type="small_boolean_Type" use="optional" />
3809 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3810 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3811 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3812 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3813 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3814 <xs:attribute name="configSource" type="xs:string" use="optional" />
3815 </xs:complexType>
3816 </xs:element>
3817 <xs:element name="outputCacheSettings" vs:help="configuration/system.web/caching/outputCacheSettings">
3818 <xs:complexType>
3819 <xs:choice minOccurs="0" maxOccurs="unbounded">
3820 <xs:element name="outputCacheProfiles" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles">
3821 <xs:complexType>
3822 <xs:choice minOccurs="0" maxOccurs="unbounded">
3823 <xs:element name="add" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles/add">
3824 <xs:complexType>
3825 <xs:attribute name="duration" type="xs:int" use="optional" />
3826 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
3827 <xs:attribute name="location" use="optional">
3828 <xs:simpleType>
3829 <xs:restriction base="xs:NMTOKEN">
3830 <xs:enumeration value="Any" />
3831 <xs:enumeration value="Client" />
3832 <xs:enumeration value="Downstream" />
3833 <xs:enumeration value="None" />
3834 <xs:enumeration value="Server" />
3835 <xs:enumeration value="ServerAndClient" />
3836 </xs:restriction>
3837 </xs:simpleType>
3838 </xs:attribute>
3839 <xs:attribute name="name" use="required">
3840 <xs:simpleType>
3841 <xs:restriction base="xs:string">
3842 <xs:minLength value="1" />
3843 <xs:whiteSpace value="collapse" />
3844 </xs:restriction>
3845 </xs:simpleType>
3846 </xs:attribute>
3847 <xs:attribute name="noStore" type="small_boolean_Type" use="optional" />
3848 <xs:attribute name="sqlDependency" type="xs:string" use="optional" />
3849 <xs:attribute name="varyByControl" type="xs:string" use="optional" />
3850 <xs:attribute name="varyByCustom" type="xs:string" use="optional" />
3851 <xs:attribute name="varyByHeader" type="xs:string" use="optional" />
3852 <xs:attribute name="varyByParam" type="xs:string" use="optional" />
3853 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3854 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3855 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3856 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3857 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3858 </xs:complexType>
3859 </xs:element>
3860 <xs:element name="remove" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles/remove">
3861 <xs:complexType>
3862 <xs:attribute name="name" use="required">
3863 <xs:simpleType>
3864 <xs:restriction base="xs:string">
3865 <xs:minLength value="1" />
3866 <xs:whiteSpace value="collapse" />
3867 </xs:restriction>
3868 </xs:simpleType>
3869 </xs:attribute>
3870 </xs:complexType>
3871 </xs:element>
3872 <xs:element name="clear" vs:help="configuration/system.web/caching/outputCacheSettings/outputCacheProfiles/clear">
3873 <xs:complexType>
3874 <!--tag is empty-->
3875 </xs:complexType>
3876 </xs:element>
3877 </xs:choice>
3878 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3879 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3880 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3881 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3882 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3883 </xs:complexType>
3884 </xs:element>
3885 </xs:choice>
3886 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3887 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3888 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3889 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3890 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3891 <xs:attribute name="configSource" type="xs:string" use="optional" />
3892 </xs:complexType>
3893 </xs:element>
3894 <xs:element name="sqlCacheDependency" vs:help="configuration/system.web/caching/sqlCacheDependency">
3895 <xs:complexType>
3896 <xs:choice minOccurs="0" maxOccurs="unbounded">
3897 <xs:element name="databases" vs:help="configuration/system.web/caching/sqlCacheDependency/databases">
3898 <xs:complexType>
3899 <xs:choice minOccurs="0" maxOccurs="unbounded">
3900 <xs:element name="add" vs:help="configuration/system.web/caching/sqlCacheDependency/databases/add">
3901 <xs:complexType>
3902 <xs:attribute name="connectionStringName" use="required">
3903 <xs:simpleType>
3904 <xs:restriction base="xs:string">
3905 <xs:minLength value="1" />
3906 </xs:restriction>
3907 </xs:simpleType>
3908 </xs:attribute>
3909 <xs:attribute name="name" use="required">
3910 <xs:simpleType>
3911 <xs:restriction base="xs:string">
3912 <xs:minLength value="1" />
3913 </xs:restriction>
3914 </xs:simpleType>
3915 </xs:attribute>
3916 <xs:attribute name="pollTime" type="xs:int" use="optional" />
3917 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3918 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3919 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3920 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3921 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3922 </xs:complexType>
3923 </xs:element>
3924 <xs:element name="remove" vs:help="configuration/system.web/caching/sqlCacheDependency/databases/remove">
3925 <xs:complexType>
3926 <xs:attribute name="name" use="required">
3927 <xs:simpleType>
3928 <xs:restriction base="xs:string">
3929 <xs:minLength value="1" />
3930 </xs:restriction>
3931 </xs:simpleType>
3932 </xs:attribute>
3933 </xs:complexType>
3934 </xs:element>
3935 <xs:element name="clear" vs:help="configuration/system.web/caching/sqlCacheDependency/databases/clear">
3936 <xs:complexType>
3937 <!--tag is empty-->
3938 </xs:complexType>
3939 </xs:element>
3940 </xs:choice>
3941 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3942 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3943 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3944 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3945 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3946 </xs:complexType>
3947 </xs:element>
3948 </xs:choice>
3949 <xs:attribute name="enabled" type="small_boolean_Type" use="optional" />
3950 <xs:attribute name="pollTime" type="xs:int" use="optional" />
3951 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3952 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3953 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3954 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3955 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3956 <xs:attribute name="configSource" type="xs:string" use="optional" />
3957 </xs:complexType>
3958 </xs:element>
3959 </xs:choice>
3960 </xs:complexType>
3961 </xs:element>
3962 </xs:choice>
3963 </xs:complexType>
3964 </xs:element>
3965 <xs:element name="system.xml.serialization" vs:help="configuration/system.xml.serialization">
3966 <xs:complexType>
3967 <xs:choice minOccurs="0" maxOccurs="unbounded">
3968 <xs:element name="dateTimeSerialization" vs:help="configuration/system.xml.serialization/dateTimeSerialization">
3969 <xs:complexType>
3970 <xs:attribute name="mode" use="optional">
3971 <xs:simpleType>
3972 <xs:restriction base="xs:NMTOKEN">
3973 <xs:enumeration value="Default" />
3974 <xs:enumeration value="Local" />
3975 <xs:enumeration value="Roundtrip" />
3976 </xs:restriction>
3977 </xs:simpleType>
3978 </xs:attribute>
3979 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3980 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3981 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3982 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3983 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3984 <xs:attribute name="configSource" type="xs:string" use="optional" />
3985 </xs:complexType>
3986 </xs:element>
3987 <xs:element name="schemaImporterExtensions" vs:help="configuration/system.xml.serialization/schemaImporterExtensions">
3988 <xs:complexType>
3989 <xs:choice minOccurs="0" maxOccurs="unbounded">
3990 <xs:element name="add" vs:help="configuration/system.xml.serialization/schemaImporterExtensions/add">
3991 <xs:complexType>
3992 <xs:attribute name="name" type="xs:string" use="required" />
3993 <xs:attribute name="type" type="xs:string" use="optional" />
3994 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
3995 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
3996 <xs:attribute name="lockElements" type="xs:string" use="optional" />
3997 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
3998 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
3999 </xs:complexType>
4000 </xs:element>
4001 <xs:element name="remove" vs:help="configuration/system.xml.serialization/schemaImporterExtensions/remove">
4002 <xs:complexType>
4003 <xs:attribute name="name" type="xs:string" use="required" />
4004 </xs:complexType>
4005 </xs:element>
4006 <xs:element name="clear" vs:help="configuration/system.xml.serialization/schemaImporterExtensions/clear">
4007 <xs:complexType>
4008 <!--tag is empty-->
4009 </xs:complexType>
4010 </xs:element>
4011 </xs:choice>
4012 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
4013 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
4014 <xs:attribute name="lockElements" type="xs:string" use="optional" />
4015 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
4016 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
4017 <xs:attribute name="configSource" type="xs:string" use="optional" />
4018 </xs:complexType>
4019 </xs:element>
4020 <xs:element name="xmlSerializer" vs:help="configuration/system.xml.serialization/xmlSerializer">
4021 <xs:complexType>
4022 <xs:attribute name="checkDeserializeAdvances" type="small_boolean_Type" use="optional" />
4023 <xs:attribute name="lockAttributes" type="xs:string" use="optional" />
4024 <xs:attribute name="lockAllAttributesExcept" type="xs:string" use="optional" />
4025 <xs:attribute name="lockElements" type="xs:string" use="optional" />
4026 <xs:attribute name="lockAllElementsExcept" type="xs:string" use="optional" />
4027 <xs:attribute name="lockItem" type="small_boolean_Type" use="optional" />
4028 <xs:attribute name="configSource" type="xs:string" use="optional" />
4029 </xs:complexType>
4030 </xs:element>
4031 </xs:choice>
4032 </xs:complexType>
4033 </xs:element>
4034 </xs:schema>
+0
-8
scripts/wcscans/__init__.py less more
0 '''
1 Faraday Penetration Test IDE
2 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
3 See the file 'doc/LICENSE' for the license information
4
5 '''
6
7 # I'm Py3
+0
-149
scripts/wcscans/phpini.py less more
0 '''
1 Faraday Penetration Test IDE
2 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
3 See the file 'doc/LICENSE' for the license information
4
5 '''
6
7 #!/usr/bin/env python
8 # -*- coding: utf-8 -*-
9 import re
10 from lxml import etree as ET
11
12 VRAI = ['yes','on','1']
13 FAUX = ['no','off','0']
14
15 def equals(value1,value2):
16 if (value1.lower() in VRAI and value2.lower() in VRAI) or (value1.lower() in FAUX and value2.lower() in FAUX):
17 return True
18 else:
19 return False
20
21 #Good practices
22 rules = {
23 'session.use_cookies':['Cookies for sessions are disabled','1'],
24 'session.use_only_cookies':['Only cookies for sessions is disabled','1'],
25 'session.cookie_httponly':['Cookies are not set to HTTP only','1'],
26 'session.bug_compat_42':['Bug compatibility 42 is enabled','0'],
27 'session.bug_compat_warn':['Bug compatibility 42 warning is enabled','0'],
28 'session.use_trans_sid':['Use of \'use_trans_sid\' is considered harmful','0'],
29 'session.cookie_secure':['Cookie is not set to secure connection','1'],
30 'session.use_strict_mode':['Strict mode is disabled for session fixation prevention','1'],
31 'session.cookie_domain':['Cookie domain is not set',''],
32 'session.hash_function':['Weak session id generation: a stronger hash function such as SHA256 should be used',''],
33 'allow_url_fopen':['Remote file opening is allowed','off'],
34 'allow_url_include':['Remote file including is allowed','off'],
35 'error_reporting':['Errors reports are enabled in production','0'],
36 'display_errors':['Errors should not be shown in production','off'],
37 'log_errors':['Log errors are not written in production','on'],
38 'expose_php':['PHP signature should disabled','off'],
39 'register_globals':['Register globals is enabled','off'],
40 'magic_quotes_gpc':['Magic quotes is enabled','off'],
41 'magic_quotes_runtime':['Magic quotes is enabled at runtime','off'],
42 'safe_mode':['Safe mode is enabled','off'],
43 'register_long_arrays':['Register long arrays is enabled','off'],
44 'display_startup_errors':['Startup errors is displayed','off'],
45 'max_input_vars':['Maximum input variables is not set',''],
46 'open_basedir':['You should restrict PHP\'s file system access (basedir)',''],
47 'memory_limit':['You should define a reasonable memory limit (<128 M)',''],
48 'post_max_size':['You should define a reasonable max post size ',''],
49 'upload_max_filesize':['You should define a reasonable max upload size',''],
50 'upload_tmp_dir':['You should define a temporary directory used for file uploads',''],
51 'asp_tags':['ASP tag handling is not turned off','0'],
52 'xdebug.default_enable':['Xdebug is enabled','0'],
53 'xdebug.remote_enable':['Xdebug should not be trying to contact debug clients','0'],
54 }
55
56 #Lines of config whose default values are bad
57 bad_default_config = ['session.cookie_httponly','session.bug_compat_42',
58 'session.bug_compat_warn','allow_url_fopen',
59 'error_reporting','display_errors','log_errors',
60 'expose_php','magic_quotes_gpc','register_long_arrays']
61
62 #Lines of config that is not set (value by the user)
63 is_set_config = ['max_input_vars','open_basedir', 'memory_limit','post_max_size',
64 'upload_max_filesize','upload_tmp_dir']
65
66 #Weak hashing functions
67 weak_functions = ['md2', 'md4', 'md5', 'sha1', 'gost', 'snefru', '0', '1']
68
69 #To-be-disabled functions
70 weak_php_functions = ['passthru', 'shell_exec', 'exec',
71 'system', 'popen', 'stream_select']
72
73
74 class PhpIniScan:
75
76 def __init__(self, file, xml):
77 self.config = ""
78 for line in open(file,"r"):
79 if not re.match(r'(^(;|\[))',line,) and line[0] != '\n':
80 self.config += line.lstrip()
81 self.recommended = "\nRecommended configuration changes in php.ini:\n"
82 self.xml = xml
83
84 def xml_export(self,directive,rec):
85 if self.xml is not None:
86 newElement = ET.SubElement(self.xml, directive[0])
87 newElement.attrib['rec'] = rec
88 newElement.text = directive[1]
89
90 def global_check(self):
91 print("[+]\033[0;41mVulnerabilites/Informations\033[0m:")
92 for line in self.config.split('\n'):
93 directive = ''.join(line.split()).split('=')
94
95 if ( rules.has_key(directive[0]) and not equals(rules[directive[0]][1],directive[1])) or directive[0] in bad_default_config:
96 print(" \033[1;30m({})\033[0m {}".format(directive[0],rules[directive[0]][0]))
97 self.recommended += " {} = {}\n".format(directive[0],rules[directive[0]][1])
98 self.xml_export(directive,rules[directive[0]][0])
99 continue
100
101 if rules.has_key(directive[0]) and directive[1] == "":
102 print(" \033[1;30m({})\033[0m {}".format(directive[0],rules[directive[0]][0]))
103 self.recommended += " {} = {}\n".format(directive[0],rules[directive[0]][1])
104 self.xml_export(directive,rules[directive[0]][0])
105 continue
106
107 if directive[0] == "session.hash_function" and directive[1] in weak_functions:
108 print(" \033[1;30m({})\033[0m {}".format(directive[0],rules[directive[0]][0]))
109 self.recommended += " {} = sha256\n".format(directive[0])
110 self.xml_export(directive,rules[directive[0]][0])
111 continue
112
113 if directive[0] == "disable_functions":
114 for option in weak_php_functions:
115 if not option in directive[1]:
116 print(" \033[1;30m(disable_functions)\033[0m {} not listed".format(option))
117 self.recommended += " disable_functions = ... , {} , ...\n".format(option)
118 self.xml_export(directive,"")
119 continue
120
121 for element in is_set_config:
122 if not element in self.config:
123 print(" \033[1;30m({})\033[0m {}".format(element,rules[element][0]))
124 self.recommended += " {} is not set\n".format(element)
125 directive = [element,'isNotSet']
126 self.xml_export(directive,rules[directive[0]][0])
127
128 for element in bad_default_config:
129 if not element in self.config:
130 print(" \033[1;30m({})\033[0m {}".format(element,rules[element][0]))
131 self.recommended += " {} = {}\n".format(element,rules[element][1])
132 directive = [element,'defaultValue']
133 self.xml_export(directive,rules[directive[0]][0])
134
135 # TODO Session save path not set or world writeable || CheckSessionPath
136 # TODO Entropy file is not defined || CheckSessionEntropyPath
137 # TODO Maximum post size too large || MaximumPostSize
138 # TODO Disable harmful CLI functions || DisableCliFunctions
139 # TODO CVE-2013-1635 || CheckSoapWsdlCacheDir
140 # TODO Ensure file uploads workCheck || UploadTmpDir
141 # TODO check the sizes (in M) f some parameters)
142
143 def scanner(file,recmode,xml):
144 filetoscan = PhpIniScan(file,xml)
145 filetoscan.global_check()
146 if recmode:
147 print(filetoscan.recommended)
148 # I'm Py3
+0
-143
scripts/wcscans/webconfig.py less more
0 #!/usr/bin/env python
1 # -*- coding: utf-8 -*-
2
3 '''
4 Faraday Penetration Test IDE
5 Copyright (C) 2013 Infobyte LLC (http://www.infobytesec.com/)
6 See the file 'doc/LICENSE' for the license information
7
8 '''
9
10 from lxml import etree as ET
11
12 rules = {
13 'compilation':{'debug':['ASP.NET Debugging enabled',
14 'false']},
15 'customErrors':{'mode':['Custom Errors disabled',
16 'on remoteonly']},
17 'forms':{'cookieless':['Cookieless authentication Enabled for form',
18 'usecookies'],
19 'requireSSL':['SSL connection is not required',
20 'true'],
21 'slidingExpiration':['Sliding expiration enabled',
22 'false'],
23 'enableCrossAppRedirects':['URL Redirection enabled',
24 'false'],
25 'protection':['The cookies are only encrypted or only validated or not protected',
26 'all']},
27 'httpCookies':{'httpOnlyCookies':['Web cookies are not HttpOnly',
28 'true'],
29 'requireSSL':['Web cookies don\'t require SSL',
30 'true']},
31 'pages':{'enableViewState':['ViewState is enabled (CRSF vulnerability)',
32 'true'],
33 'enableViewStateMac':['ViewState integrity is not checked',
34 'true'],
35 'viewStateEncryptionMode':['ViewState may not be encrypted',
36 'always'],
37 'validateRequest':['Page Validation is not used (XSS vulnerability)',
38 'true']},
39 'roleManager':{'cookieRequireSSL':['Cookies don\'t Require SSL',
40 'true'],
41 'cookieSlidingExpiration':['Sliding expiration enabled',
42 'false'],
43 'cookieProtection':['The cookies are only encrypted or only validated or not protected',
44 'all'],
45 'cookiePath':['Liberal path defined','']},
46 'sessionState':{'cookieless':['Cookieless session stated enabled',
47 'usecookies']},
48 'trace':{'enabled':['Trace is enabled',
49 'false'],
50 'localOnly':['Trace localOnly on false',
51 'true']},
52 'trust':{'level':['Web application\'s trust level is higher than Minimal',
53 'minimal']},
54 'user':{'':['Passwords (or its hashes) are hardcoded','']}
55 }
56
57 class WebConfigScan:
58
59 def __init__(self, file, xml):
60 tree = ET.parse(file)
61 self.root = tree.getroot()
62 self.recommended = "\nRecommended configuration changes in web.config:\n"
63 self.xml = xml
64
65 def xml_export(self,directive,rec):
66 if self.xml is not None:
67 newElement = ET.SubElement(self.xml, directive[0])
68 if len(directive) == 4:
69 newElement.attrib['name'] = directive[3]
70 newElement.attrib['option'] = directive[1]
71 newElement.attrib['rec'] = rec
72 newElement.text = directive[2]
73
74
75 def global_check(self):
76 print("[+]\033[0;41mVulnerabilites/Informations\033[0m:")
77 countforms = 0
78 nameforms = []
79 for element in rules:
80 for tag in self.root.findall(".//"+element):
81 if element == "forms":
82 countforms += 1
83 nameforms.append(tag.attrib['name'])
84 if element == "user":
85 print(" \033[1;30m{}\033[0m {}: {} \033[1;30m({})\033[0m".format(element,
86 tag.attrib['name'],
87 rules[element][''][0],
88 option))
89 self.recommended += " Not to store passwords or hashes in web.config\n"
90 self.xml_export(directive=[element, tag.attrib['name'],'hardcoded'],
91 rec=rules[element][''][0])
92 continue
93
94 for option in tag.attrib:
95 if element == "customErrors" and rules[element].has_key(option) and not tag.attrib[option].lower() in rules[element][option][1]:
96 print(" \033[1;30m{}\033[0m: {} \033[1;30m({})\033[0m".format(element,
97 rules[element][option][0],
98 option))
99 self.recommended += " <{} {}=\"{}\"/>\n".format(element,option,rules[element][option][1])
100 self.xml_export(directive=[element,option,'disabled'],
101 rec=rules[element][option][0])
102 continue
103
104 elif element == "roleManager" and option == "cookiePath":
105 print(" \033[1;30mroleManager\033[0m: Liberal path defined ('{}') (\033[1;30mcookiePath\033[0m)".format(tag.attrib[option].lower()))
106 self.recommended += " <roleManager cookiePath=\"{abcd1234…}\">\n"
107 self.xml_export(directive=[element,option,'liberal'],
108 rec=rules[element][option][0])
109 continue
110
111 if rules[element].has_key(option) and tag.attrib[option].lower() != rules[element][option][1]:
112 if element == "forms":
113 print(" \033[1;30m{}\033[0m {}: {} \033[1;30m({})\033[0m".format(element,
114 tag.attrib['name'],
115 rules[element][option][0],
116 option))
117 self.xml_export(directive=[element,option,tag.attrib[option],tag.attrib['name']],
118 rec=rules[element][option][0])
119
120 else:
121 print(" \033[1;30m{}\033[0m: {} \033[1;30m({})\033[0m".format(element,
122 rules[element][option][0],
123 option))
124
125 self.xml_export(directive=[element,option,tag.attrib[option]],
126 rec=rules[element][option][0])
127 self.recommended += " <{} {}=\"{}\"/>\n".format(element,option,rules[element][option][1])
128 continue
129
130 if countforms > 1 and (nameforms.index('.ASPXAUTH') != "-1" or nameforms.index('ASPXAUTH') != "-1"):
131 print(" \033[1;30mforms\033[0m: Non-Unique authentication cookie used\033[1;30m (name)\033[0m")
132 self.recommended += " <forms name=\"{abcd1234…}\">\n"
133 self.xml_export(directive=['nameforms','name','false'],
134 rec="Non-Unique authentication cookie used")
135
136 def scanner(file,recmode,xml):
137 filetoscan = WebConfigScan(file,xml)
138 filetoscan.global_check()
139 if recmode:
140 print(filetoscan.recommended)
141
142 # I'm Py3
+23
-0
tests/test_api_agent.py less more
456456 )
457457 assert res.status_code == 400
458458
459 def test_run_agent_invalid_executor_argument(self, session, test_client):
460 agent = AgentFactory.create(workspaces=[self.workspace])
461 executor = ExecutorFactory.create(agent=agent)
462
463 session.add(executor)
464 session.commit()
465
466 payload = {
467 'executorData': {
468 "args": {
469 "another_param_name": 'param_content'
470 },
471 "executor": executor.name
472 }
473 }
474
475 res = test_client.post(
476 urljoin(self.url(agent), 'run'),
477 json=payload
478 )
479
480 assert res.status_code == 400
481
459482 def test_invalid_body(self, test_client, session):
460483 agent = AgentFactory.create(workspaces=[self.workspace])
461484 session.add(agent)
+19
-5
tests/test_api_bulk_create.py less more
1313 Vulnerability,
1414 VulnerabilityGeneric,
1515 VulnerabilityWeb,
16 Workspace
17 )
16 Workspace)
17
1818 from faraday.server.api.modules import bulk_create as bc
1919 from tests.factories import CustomFieldsSchemaFactory
2020 from faraday.server.threads.reports_processor import REPORTS_QUEUE
4040 'accountability': True,
4141 'availability': False,
4242 },
43 'refs': ['CVE-1234'],
43 'refs': ['CVE-2021-1234', 'CVE-2020-0004'],
44 'cve': ['CVE-2021-1234', 'CVE-2020-0001'],
4445 'tool': 'some_tool',
4546 'data': 'test data',
4647 'custom_fields': {}
182183 assert vuln.impact_accountability
183184 assert not vuln.impact_availability
184185 assert not vuln.impact_confidentiality
185 assert vuln.references == {u'CVE-1234'}
186 assert set(vuln.references) == set(vuln_data['refs'])
187 assert set(vuln.cve) == set(vuln_data['cve'] + vuln_data['refs'])
188 assert len(vuln.cve) == len(set(vuln_data['cve'] + vuln_data['refs']))
186189 assert vuln.tool == "some_tool"
187190
188191
199202 assert vuln.impact_accountability
200203 assert not vuln.impact_availability
201204 assert not vuln.impact_confidentiality
202 assert vuln.references == {u'CVE-1234'}
205 assert set(vuln.references) == set(vuln_data['refs'])
206 assert set(vuln.cve) == set(vuln_data['cve'] + vuln_data['refs'])
207 assert len(vuln.cve) == len(set(vuln_data['cve'] + vuln_data['refs']))
203208 assert vuln.tool == "some_tool"
204209
205210
210215 bc._create_hostvuln(host.workspace, host, data)
211216 vuln = host.workspace.vulnerabilities[0]
212217 assert vuln.tool == "Web UI"
218
219
220 def test_create_not_fail_with_cve(session, host):
221 with_erroneous_cve_list = vuln_data.copy()
222 with_erroneous_cve_list['cve'] = ['CVSS: 10.0', 'OSVDB:339, OSVDB:8750, OSVDB:11516', 'CVE-1999-0170, CVE-1999-0211, CVE-1999-0554', 'cve-1111-9988']
223 data = bc.VulnerabilitySchema().load(with_erroneous_cve_list)
224 bc._create_hostvuln(host.workspace, host, data)
225 vuln = host.workspace.vulnerabilities[0]
226 assert set(vuln.cve) == set(['CVE-1999-0170', 'CVE-1999-0211', 'CVE-1999-0554', 'CVE-1111-9988'] + vuln_data['refs'])
213227
214228
215229 def test_creates_vuln_with_command_object_with_tool(session, service):
+2
-1
tests/test_api_session.py less more
1212
1313 @pytest.mark.usefixtures('logged_user')
1414 class TestSessionLogged:
15 def test_session_when_user_is_logged(self, test_client):
15 def test_session_when_user_is_logged(self, test_client, user):
1616 res = test_client.get('/session')
1717 assert res.status_code == 200
18 assert user.id == res.json['user_id']
1819
1920 @pytest.mark.parametrize('role', ['admin', 'pentester', 'client', 'asset_owner'])
2021 def test_session_when_user_is_logged_with_different_roles(self, test_client, session, user, role):
+1
-1
tests/test_api_upload_reports.py less more
112112 use_json_data=False
113113 )
114114
115 assert res.status_code == 404
115 assert res.status_code == 403
+94
-7
tests/test_api_vulnerability.py less more
4949 CommandObject,
5050 File,
5151 Host,
52 Service
53 )
52 Service,
53 CVE)
5454 from tests.factories import (
5555 ServiceFactory,
5656 CommandFactory,
7070
7171 def _create_post_data_vulnerability(name, vuln_type, parent_id,
7272 parent_type, refs, policyviolations,
73 status='opened',
73 status='opened', cve=[],
7474 attachments=None, impact=None,
7575 description='desc1234',
7676 confirmed=True, data='data1234',
109109 'owned': owned,
110110 'policyviolations': policyviolations,
111111 'refs': refs,
112 'cve': cve,
112113 'resolution': resolution,
113114 'severity': severity,
114115 'status': status,
11321133 assert vuln_count_previous + 1 == session.query(Vulnerability).count()
11331134 [fileobj.close() for fileobj in attachments]
11341135
1135 def test_create_vuln_with_refs(self, host_with_hostnames, test_client, session):
1136 @pytest.mark.parametrize('cve_list', [
1137 {
1138 'refs': {'data': [], 'count': 0},
1139 'cve': {'data': ['cve-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2}
1140 },
1141 {
1142 'refs': {'data': ['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2},
1143 'cve': {'data': [], 'count': 2}
1144 },
1145 {
1146 'refs': {'data': ['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2},
1147 'cve': {'data': ['cve-2017-0003', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 3}
1148 },
1149 {
1150 # asdf-2017-0002 is a valid format for refs but not for cve. Check CVE_PATTERN in CVE model for more info.
1151 'refs': {'data': ['asdf-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2},
1152 'cve': {'data': ['asdf-2017-0003', 'CVE-2017-0012', 'CVE-2017-0013'], 'count': 2}
1153 },
1154 {
1155 # List of cve as a string.
1156 'refs': {'data': ['asdf-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'], 'count': 2},
1157 'cve': {'data': ['CVE-2017-0003, CVE-2017-0012', 'CVE-2017-0013'], 'count': 3}
1158 },
1159 ])
1160 def test_create_vuln_with_cve(self, cve_list, host_with_hostnames, test_client, session):
11361161 session.commit() # flush host_with_hostnames
11371162 raw_data = _create_post_data_vulnerability(
11381163 name='New vulns',
11391164 vuln_type='Vulnerability',
11401165 parent_id=host_with_hostnames.id,
11411166 parent_type='Host',
1142 refs=['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'],
1167 refs=cve_list['refs']['data'],
1168 cve=cve_list['cve']['data'],
11431169 policyviolations=[]
11441170 )
11451171 ws = host_with_hostnames.workspace
11461172 vuln_count_previous = session.query(Vulnerability).count()
11471173 res = test_client.post(self.url(workspace=ws), data=raw_data)
11481174 assert res.status_code == 201
1149 assert session.query(Reference).count() == 2
1175 assert session.query(Reference).count() == cve_list['refs']['count']
1176 assert session.query(CVE).count() == cve_list['cve']['count']
11501177 assert vuln_count_previous + 1 == session.query(Vulnerability).count()
1178
1179 def test_patch_vuln_with_cve_list(self, host_with_hostnames, test_client, session):
1180 session.commit() # flush host_with_hostnames
1181 raw_data = _create_post_data_vulnerability(
1182 name='New vulns',
1183 vuln_type='Vulnerability',
1184 parent_id=host_with_hostnames.id,
1185 parent_type='Host',
1186 refs=[],
1187 cve=['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'],
1188 policyviolations=[]
1189 )
1190 ws = host_with_hostnames.workspace
1191 res = test_client.post(self.url(workspace=ws), data=raw_data)
1192 assert res.status_code == 201
1193
1194 new_cve_list = ['CVE-2017-0001']
1195 res = test_client.patch(f'{self.url(res.json["_id"], workspace=ws)}', data={'cve': new_cve_list})
1196 assert res.status_code == 200
1197 assert set(res.json['cve']) == set(new_cve_list)
1198
1199 def test_create_vuln_and_get_cve_list(self, host_with_hostnames, test_client, session):
1200 session.commit() # flush host_with_hostnames
1201 raw_data = _create_post_data_vulnerability(
1202 name='New vulns',
1203 vuln_type='Vulnerability',
1204 parent_id=host_with_hostnames.id,
1205 parent_type='Host',
1206 refs=[],
1207 cve=['CVE-2017-0002', 'CVE-2017-0012', 'CVE-2017-0012'],
1208 policyviolations=[]
1209 )
1210 ws = host_with_hostnames.workspace
1211 res = test_client.post(self.url(workspace=ws), data=raw_data)
1212 assert res.status_code == 201
1213 assert len(res.json['cve']) == 2
1214
1215 def test_create_vuln_with_malformed_cve_list(self, host_with_hostnames, test_client, session):
1216 session.commit() # flush host_with_hostnames
1217 raw_data = _create_post_data_vulnerability(
1218 name='New vulns',
1219 vuln_type='Vulnerability',
1220 parent_id=host_with_hostnames.id,
1221 parent_type='Host',
1222 refs=['CVE-2018-1234'],
1223 cve=['CVE-2017-0002', 'CVE-2017-0X12', 'CVE-2017-0012'],
1224 policyviolations=[]
1225 )
1226 ws = host_with_hostnames.workspace
1227 res = test_client.post(self.url(workspace=ws), data=raw_data)
1228 assert res.status_code == 201
1229 assert len(res.json['cve']) == 3
1230 assert set(res.json['cve']) == set(['CVE-2018-1234', 'CVE-2017-0002', 'CVE-2017-0012'])
11511231
11521232 def test_create_vuln_with_policyviolations(self, host_with_hostnames, test_client, session):
11531233 session.commit() # flush host_with_hostnames
22132293 new_host = HostFactory.create(workspace=workspace)
22142294 session.commit()
22152295
2296 attachments = [
2297 (TEST_DATA_PATH / 'faraday.png').open('rb'),
2298 (TEST_DATA_PATH / 'test.html').open('rb')
2299 ]
2300
22162301 raw_data = _create_post_data_vulnerability(
22172302 name='vuln_1',
22182303 vuln_type='Vulnerability',
22222307 policyviolations=[],
22232308 description='helloworld',
22242309 severity='medium',
2310 attachments=attachments,
22252311 )
22262312 res = test_client.post(f'/v3/ws/{workspace.name}/vulns', data=raw_data)
22272313
22332319 assert res.status_code == 200
22342320 value = res.json['vulnerabilities'][0]['value']
22352321 assert value['name'] == 'vuln_1'
2322 assert '_attachments' not in value
2323 assert value['attachments_count'] == 2
22362324
22372325 def test_invalid_vuln_filters(self, test_client, session, workspace):
22382326 data = {
31443232 assert res.json['tool'] == command.tool
31453233
31463234 @pytest.mark.parametrize('refs', [
3147 ('cve', 'CVE-2017-0002'),
31483235 ('owasp', 'https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet'),
31493236 ('cwe', 'CWE-135'),
31503237 ('cvss', 'CVSS v2 Vector(AV:A/AC:M/Au:S/C:P/I:P/A:N)'),
+14
-8
tests/test_api_workspace.py less more
143143 assert res.json['stats']['critical_vulns'] == 0
144144 assert res.json['stats']['info_vulns'] == 2
145145 assert res.json['stats']['total_vulns'] == 2
146 assert res.json['last_run_agent_date'] is None
147 assert res.json['stats']['opened_vulns'] == 10
148 assert res.json['stats']['confirmed_vulns'] == 2
146149
147150 @pytest.mark.parametrize('querystring', [
148151 '?status=closed'
172175 assert res.json['stats']['critical_vulns'] == 0
173176 assert res.json['stats']['info_vulns'] == 3
174177 assert res.json['stats']['total_vulns'] == 3
178 assert res.json['stats']['opened_vulns'] == 0
179 assert res.json['stats']['confirmed_vulns'] == 3
175180
176181 @pytest.mark.parametrize('querystring', [
177182 '?status=asdfss',
226231 '?confirmed=0',
227232 '?confirmed=false'
228233 ])
229 def test_vuln_count_confirmed_2(self,
230 vulnerability_factory,
231 test_client,
232 session,
233 querystring):
234 vulns = vulnerability_factory.create_batch(8, workspace=self.first_object,
235 confirmed=False)
234 def test_vuln_count_confirmed_2(self, vulnerability_factory, test_client, session, querystring):
235 vulns = vulnerability_factory.create_batch(8, workspace=self.first_object,
236 confirmed=False, severity='critical', status='open')
236237 vulns += vulnerability_factory.create_batch(5, workspace=self.first_object,
237 confirmed=True)
238 confirmed=True, status='open')
238239 session.add_all(vulns)
239240 session.commit()
240241 res = test_client.get(self.url(self.first_object) + querystring)
241242 assert res.status_code == 200
243 assert res.json['stats']['std_vulns'] == 8
244 assert res.json['stats']['critical_vulns'] == 8
245 assert res.json['stats']['info_vulns'] == 0
246 assert res.json['stats']['opened_vulns'] == 13
247 assert res.json['stats']['confirmed_vulns'] == 0
242248 assert res.json['stats']['total_vulns'] == 8
243249
244250 def test_create_fails_with_valid_duration(self, session, test_client):